Design issue: Viewing files in Web application and hide it from user based on securit

Dears,
I wanna ask question about how to design a web application in Java that have links to dynamiclly loaded files. These files are loaded from admin screens in the application. The target of this uploaded files is to be viewed by users based on their right ==> so I can't make all the uploaded files in a directory on the web application path so that any user can try the URL and get what he wants.
What I want to do is how to make these documents secured based on users and my application specific security schema?

Also, if this web application is hosted on clusetered environment, how I can put the files on two application servers?
Thankx and best regards

For the first part of your question, how does the user log into your application? Have you implemented any authentication? If so, have you looked into any sort of container-managed security using roles?
Therefore you can assign different roles to a username and in your .jsp/servlet use the isUserInRole(X) to see if they have security to do something.
As for the clustered environment, if the files never change I guess you could copy all the files from one server to the next. Otherwise, you could store all the files in one central location and map a drive to that location so that all servers in the cluster would look at the same location through the same location name.
Just a thought.

What I usually do, is store the files outside of the webroot and use a servlet to read the file and present it to the user if the user has the necessary rights. These rights can be stored, f.e. in a database, together with the filename and other information about the uploaded document. Because the files are stored outside of the webroot, they cannot be requested by typing in the url in the browser.
The code in the servlet that requests the file could look something like this (I simplified it a bit, but you should get the point):
String id = request.getParameter("id"); Document document = Dao.getDocument(id); Iterator roles = document.getAccessRoles().iterator(); boolean isAuthorized = false; while (roles.hasNext()) { String role = (String) roles.next(); if (request.isUserInRole(role) { isAuthorized = true; break; } } if (isAuthorized == false) { response.sendError(HttpServletResponse.SC_FORBIDDEN); return; } else { String fileName = document.getFileName(); File file = new File("/some_path_outside_webroot/" + fileName); response.setContentType("application/octet-stream"); response.setContentLength((int)file.length()); response.setHeader("Content-Disposition", "attachment;filename=" + fileName); ServletOutputStream out = response.getOutputStream(); InputStream in = new FileInputStream(file); byte[] buffer = new byte[4096]; int n = 0; while ((n = in.read(buffer)) > 0) { out.write(buffer, 0, n); } in.close(); out.close(); }
It uses a content-disposition header so that most browsers will allow the user to open the file or save it to disk (you can also use content-disposition 'inline' to open the file in the browser). Make sure the fileName is formatted properly, or a creative user will be able to download any file on the system
[ March 10, 2004: Message edited by: Jaap van Hengstum ]