You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Clark Slater <to...@slatech.com> on 2005/07/12 01:58:12 UTC
file access via HttpSession
Hello-
I am running 5.0.19
Is there a way to restrict access to files in
a directory based on a value in an HttpSession?
For example:
Customer c = (Customer) httpSession.getValue("Customer");
if (c.getCountryCode().equals("CAN"))
their browser could display any HTML file in
/webapps/ecat/profiles/canada
but not files in
/webapps/ecat/profiles/usa
Of course, files in either of these directories
would not be viewable by the outside world.
Thanks!
Clark
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: file access via HttpSession
Posted by Tim Funk <fu...@joedog.org>.
No, you would need to do this via a programmtic authorization.
There is no declaritive way to do this.
-Tim
Clark Slater wrote:
> Hello-
>
> I am running 5.0.19
>
> Is there a way to restrict access to files in a directory based on a
> value in an HttpSession?
>
> For example:
>
> Customer c = (Customer) httpSession.getValue("Customer");
> if (c.getCountryCode().equals("CAN"))
>
> their browser could display any HTML file in
>
> /webapps/ecat/profiles/canada
>
> but not files in
>
> /webapps/ecat/profiles/usa
>
> Of course, files in either of these directories
> would not be viewable by the outside world.
>
> Thanks!
> Clark
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org