El 23/09/2011, a las 00:10, Pid <p...@pidster.com> escribió: > On 22/09/2011 23:03, Omar Belkhodja wrote: >> Hello, >> >> I'm trying to create some kind of web application, that will provide access >> to sensitive data for users. Each user, should login first, then after that >> he will be able to display a set of pictures. So the url for pictures, >> should have a protected access, based on the user name. The problem is that >> : >> - the pictures will be added dynamically, into new directories, so I can't >> add a new rule dynamically to the web server to set a new login policy for >> the new directory >> - the access restriction in Tomcat is based on the user's role, not on the >> username. So if I want to restrict uri access, I will have to create a new >> role for each new user, and update the server configuration each time.
You can define your own custom realm. >> Does anyone, know about a solution to this kind of situation ? >> >> Thanks ! > > You're going about this the wrong way. > > Don't actually put the images in accessibly web directories, store them > somewhere else & forward to them via a mapping if the virtual URL passes > auth. > > > p > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
