On 22/09/2011 23:23, Omar Belkhodja wrote: > Thanks Pid. What do you mean by "a mapping" ? Is it some kind of servlet > that would read the file, and create the HTTP answer after having checked > the login ?
An arbitrary URL structure:
/images/{user}/{imageid}
If /images/* was secured, then any user would be authenticated before
your Servlet or Servlet Filter was executed.
In your code, you would examine the Principal & see if it had permission
to proceed. Then return the resource or an error, accordingly.
Your code could request.forward() to another Servlet which actually
returned the image, or could read the image from where it was stored &
serve it directly into the outputstream.
Up to you, where & how you store the image.
p
signature.asc
Description: OpenPGP digital signature
