I certainly don't speak for everyone, but in the past I've either
provided an external folder for upload storage or a database. As far as
security goes, I don't see these being much if any different than
storing the files inside the webapp. In some ways you may get better
access control as the servlet serving them can be customized to provide
very fine grained access.
--David
[EMAIL PROTECTED] wrote:
What's the current wisdom on managing user uploaded files to a web app that's
deployed via a WAR?
In other words, when the WAR is updated, the directory containing uploaded files
would be wiped out.
Do people save uploaded files outside of the web app root directory? Security
issues with this?
Do people not use auto-expanding WAR files and manage the deployment by hand?
Do you not include the directory for uploaded files in the WAR (but create it at
runtime) and then trust that the expanded WAR won't overwrite it on deployment?
Any pointers greatly appreciated!
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
