Michael Kunze wrote:
ritso - Thomas Pf�fflin wrote:
how can i authenticate the download of binary files (eg. zip or pdf) against the users rights in turbine?
Authentication in screens and actions is not a problem and already done,
but what have i to do, to
ensure that only logged in users can download the binary files. Where
must i pace these files, and
where can i do the check?
Put the File outside of your Webroot. Write a download Action which validates user. If he has access, read the file from disc and pipe it into the output. You probably need to set the encoding type to octet something. Thats how i would do it in PHP *g* Must be simular here.
Michael is right. this might help :
http://wiki.apache.org/jakarta-turbine/Turbine2/VelocityOnlyLayout
It doesn't have all the code but it does deal with the issue of using the correct Layout class.
Regards,
Peter
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
