You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Kiran Patel <ki...@simas.com> on 2003/12/11 15:53:18 UTC
Image Viewing
I am using jsp and tomcat 4.1 for my web application. My application is viewing image which is in the webapps/image folder. This image can also be viewed from the internet by just typing the url. I want to block this since these are the confidential images. Does anybody know how to do that. Thanks in advance.
Kiran Patel
Re: Image Viewing
Posted by Rodrigo Ruiz <rr...@gridsystems.com>.
Kiran, if condifentiality is your main concern, I will suppose you are
using some kind of authentication mechanism in your webapp.
If you are using container authentication, just add the image directory
to your security restriction, and only authenticated users will have
access to the images.
If your authentication scheme is different, but you can access the
credentials data from the request, you could implement a filter that
denies access to non-authenticated requests, and map the filter to the
images directory. You will find more information on both subjects in the
Servlet Specification :-)
Hope this helps you,
Rodrigo Ruiz
Kiran Patel wrote:
>I am using jsp and tomcat 4.1 for my web application. My application is viewing image which is in the webapps/image folder. This image can also be viewed from the internet by just typing the url. I want to block this since these are the confidential images. Does anybody know how to do that. Thanks in advance.
>
>Kiran Patel
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org