Prevent URL Rewriting: Integrate File system & LDAP

Greenhorn
Posts: 25
Hi All,

Prologue:
------------
There are two kinds of entities: Manager and Projects (each project has a monthly financial report).
One Manager might have access to one or more Projects (and hence to their respective financial reports as well).
Manager is the User who will login to the application.


Context:
------------
Once the user logs in to the web application, he/she gets a link to the PDF report(s). On clicking the report a window opens showing the contents of the report. The PDF reports are stored somewhere in the Server file system.
e.g. folder structure could be like this:
Reports > Project1 > Report1_PROJ1.pdf
Reports > Project1 > Report2_PROJ1.pdf
Reports > Project2 > Report1_PROJ2.pdf and so on...


Problem:
------------
The user might tamper with the URL and change it to try to read other PDFs to which he/she is not authorized.
e.g. ManagerXXX is authorized to see only "Project2" reports.
Current URL:
http://server/filelocation/Reports/Project2/Report1_PROJ2.pdf
The Manager can modify this URL as:
http://server/filelocation/Reports/

Then he/she will see all the available Project Reports even if he/she is not authorized to do so.
Main problem here is that, once the URL has been tampered, the control does not return to the web application but directly goes to the file system relevant to the changed URL.

Already explored solutions:
-----------------------------
Javascript:
We do not show the address bar/status bar so no chance of URL tampering
The problem is that if the browser has Javascript disabled then there is a great security issue.


Possible solution:
---------------------
If it were possible to somehow integrate the file system and the LDAP, the access rights of the user would be based on the groups to which the user belongs in LDAP.
However, I am unable to get any material to get started on this approach.


Regards,
Amit
[ October 24, 2007: Message edited by: amit bose ]
 
Author and all-around good cowpoke
Posts: 13078

The user might tamper with the URL and change it to try to read other PDFs to which he/she is not authorized.

As long as you are providing access directly to a PDF by a URL you are going to have this problem. Why don't you provide access indirectly through a servlet? The servlet can be aware of users and authorizations - it can read the PDF from a directory that can't be accessed directly by URL.

Bill
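Bill's suggestion in code form, as an added example that is not from the original thread: a servlet that serves the reports from a directory outside the web root, checks the logged-in manager's project authorizations before opening anything, and refuses names that could escape the report directory. The directory path, the `username` session attribute, the `authorizedProjects` lookup (an in-memory table standing in for an LDAP group query) and the `project`/`file` parameter names are all assumptions made for the example.

```java
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Serves project reports through the application instead of as static files.
 * Map it in web.xml to a path such as /report, so a link looks like
 *   /report?project=Project2&file=Report1_PROJ2.pdf
 * The PDFs live in REPORT_ROOT, a directory the container never serves directly,
 * so the only way to reach a report is through doGet() and its checks.
 */
public class ReportServlet extends HttpServlet {

    // Assumption: reports are stored outside the web application's document root.
    private static final File REPORT_ROOT = new File("/srv/app-data/Reports");

    // Only plain names are accepted: letters, digits, underscore, plus a .pdf suffix.
    // This rejects "..", slashes and anything else that could point outside REPORT_ROOT.
    private static final Pattern PROJECT_NAME = Pattern.compile("[A-Za-z0-9_]{1,64}");
    private static final Pattern FILE_NAME = Pattern.compile("[A-Za-z0-9_]{1,64}\\.pdf");

    // Constructed stand-in for the LDAP group lookup: manager -> projects he/she may read.
    private static final Map<String, Set<String>> ACCESS = new HashMap<String, Set<String>>();
    static {
        ACCESS.put("managerXXX", new HashSet<String>(Arrays.asList("Project2")));
        ACCESS.put("managerYYY", new HashSet<String>(Arrays.asList("Project1", "Project2")));
    }

    /** Projects the given manager is authorized for (empty set when unknown). */
    protected Set<String> authorizedProjects(String username) {
        Set<String> projects = ACCESS.get(username);
        return projects == null ? Collections.<String>emptySet() : projects;
    }

    /**
     * Resolves the requested report and checks every condition before anything
     * is read. Returns null when the request must be refused for any reason.
     */
    static File resolveReport(File root, Set<String> allowed, String project, String file)
            throws IOException {
        if (project == null || file == null) return null;
        if (!PROJECT_NAME.matcher(project).matches() || !FILE_NAME.matcher(file).matches()) return null;
        if (!allowed.contains(project)) return null;          // authorization check
        File candidate = new File(new File(root, project), file);
        // Defence in depth: the canonical path must still sit under the report root.
        String rootPath = root.getCanonicalPath() + File.separator;
        if (!candidate.getCanonicalPath().startsWith(rootPath)) return null;
        if (!candidate.isFile()) return null;
        return candidate;
    }

    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException {
        // Assumption: the login page stores the manager's name in the session.
        String user = (String) req.getSession().getAttribute("username");
        if (user == null) {
            resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        File report = resolveReport(REPORT_ROOT, authorizedProjects(user),
                req.getParameter("project"), req.getParameter("file"));
        if (report == null) {
            // Same answer whether the file is missing or simply not the user's:
            // a tampered URL learns nothing about what other projects exist.
            resp.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        resp.setContentType("application/pdf");
        resp.setContentLength((int) report.length());
        resp.setHeader("Content-Disposition", "inline; filename=\"" + report.getName() + "\"");
        InputStream in = new FileInputStream(report);
        try {
            OutputStream out = resp.getOutputStream();
            byte[] buf = new byte[8192];
            int n;
            while ((n = in.read(buf)) != -1) {
                out.write(buf, 0, n);
            }
        } finally {
            in.close();
        }
    }
}
```

With this in place the report links in the application point at the servlet rather than at the file, and a request for `project=Project1` from managerXXX, or for `file=../../etc/passwd`, is refused in `resolveReport` before any file is opened. The table in `ACCESS` is where a real deployment would ask LDAP which groups the manager belongs to, which is the integration the original post was looking for; the file system itself never has to know about LDAP.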