Hi all I have an URL (say http://mycompany.com/download.exe) I want only authenticated users get this URL(This is actually an exe the user is trying to download) If I do application level authentication and redirect to the URL, then the user can see the URL and use it to download bypassing the authentication. Is these a way I can send the exe to user with out let the user see the actual URL Note: This is urgent Please respond Thanks in advance
posted 16 years ago
Use a servlet does the authentication. If the user is authenticated, then use dispatcher to forward to http://mycompany.com/download.exe. The user will only see the servlet URL. Or setup <security-constraint> in web.xml to protect URL. Even if the unauthenticated user knows the URL, he still cannot access the URL.
That's what I think.
What are you doing? You are supposed to be reading this tiny ad!
the new thread boost feature brings a LOT of attention to your favorite threads