You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@turbine.apache.org by Eric Dobbs <er...@dobbse.net> on 2002/02/01 21:32:34 UTC
HOWTO secure RawScreen (was Re: Turbine (with auth/session) as transparent proxy (no template s)?)
On Wednesday, January 23, 2002, at 03:12 PM, Skip Walker wrote:
> Would you mind providing a bit more explanation as to how you use
> RawScreen
> to apply Turbine security to downloadable files?
Sorry to take so long to reply to this one.
public class Download extends RawScreen
{
public void doOutput(RunData data) throws Exception
{
if (!isAuthorized(data))
{
// do something to tell the user they don't have permission
}
else
{
// do the download stuff
}
}
protected boolean isAuthorized(RunData data)
{
// do the security check here. Get whatever info you need
// about the user from RunData
}
}
(I typed that in by hand, so it probably doesn't compile as is)
> How do you create a link in a template to a downloadable file which goes
> through the RawScreen?
http://mydomain:8080/myapp/servlet/myapp/screen/Download
or in Velocity:
$link.setScreen("Download")
Hope that helps.
-Eric
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>