• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

Where to place uploaded file securely in jsp and servlet file sharing web application?

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello Friends!
I want to develop a file sharing web application. Whose functionality is something as follows.
1. User logs in to my web site.
2. Fills a form regarding file description and give local path to the files they want to upload.
4. After submitting the form the web application will creates a directory in given fix common directory location and stores the file in it.
3. A fix directory location is available to my web application either in hard coded way or using web.xml file in which it will be set either using context or config parameters which will be decided later.
4. The file size may vary from few MB's to few hundred MB's. File types may be image file, pdf file, or office files.
5. I don't want to store these files in database tables.
6. Whenever user want to see these files he will get the list of file names on a page. User need to click on the link of file name so that respective file will be visible in his browser.

My question are as follows

1) Where to store these uploaded files on server very securely as per standards?
As I want to put these files on server securely so that nobody can access these files by bookmarking the url to these files or without loging in to my site.
Most of the times the files are uploaded to a specified directory which is located in web application directory on web server which looks very suitable to my requirements.
But main issue with this approach is that whenever I will going to redeploy my application the files in this directory will be deleted.

Please guide me friends where do I put the files securely and make available to user for view them easily?
Thank You!
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That's easy: use a directory that's outside of the webapps directory. That way it's not accessible directly, and won't get removed if your web app is undeployed. You can still configure the path in web.xml if you want.
 
Param Ganak
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Ulf Dittmer wrote:That's easy: use a directory that's outside of the webapps directory. That way it's not accessible directly, and won't get removed if your web app is undeployed. You can still configure the path in web.xml if you want.



Thanks for your reply!

My few queries are as follows
1) What happen when my web server is changed?
2) My application will be get hosted on a third party hosting and not on my own server in this case does that hosting company will going to allow me to maintain a separate folder outside my web application directory? In this case is this approach is secure so that no other will access my files without my application?

Thank You!
 
Saloon Keeper
Posts: 28484
210
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
1. A data file directory is a data file directory. I could delete my webapp servers entirely, but that wouldn't affect the data file directories I use.

2. It's impossible to say on this one, since it depends on how much of the client OS a given ISP will give you direct access and control over. The ones I use allow me to do anything up to and including installing my own OS software packages, but the less expensive ones may not be as generous.
 
Thank you my well lotioned goddess! Here, have my favorite tiny ad!
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic