That's not true in all cases. To implement servlets that implement the complete HTTP 1.1 command set it takes some knowledge about the spec and the servlet isn't trivial at all (have a look at the source of tomcats servlet that does this).
For the result the original poster desired there are 2 simple solutions: - to place the file in a protected directory and let tomcat handle the authorisation (Form based login) and the serving of the file - let tomcat serve the file and write a filter that handles the authorisation. (Denies accesss to the file if certain informations are not present) > -----Ursprüngliche Nachricht----- > Von: Ian McFarland [mailto:[EMAIL PROTECTED]] > Gesendet: Freitag, 12. Juli 2002 00:59 > An: Tomcat Users List > Betreff: Re: How to hide a download file > > Writing a servlet to send a file is pretty darned trivial. > Writing one that knows something about session state is > also pretty darned trivial. > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
