Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Tomcat: return request to apache?

 
Josh Johnson
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm trying to use Tomcat to check if someone has the correct credentials to access certain files (txt,doc,xml,etc...) and if they do I want to send the request back to apache to serve up the file. Is this possible?

For Example: A user might request file /Files/20952/batch-20060619.xml . I want to make sure that this user is client 20952 (which is stored in session). If they are, then I want apache to serve up the file. I used to do this with mod_perl pretty easily, you just returned a DECLINED status (after validating the session) and apache would handle it. I figure that since Java is much more flexible that I could do something similar.

If Tomcat can serve up the file then that is fine too. I just don't want to muck about creating a ContentType based on the .extension and I don't want to break the "flow" of things for the client; If its a .txt file then I want it to display in the browser, if its a .doc file then I want the user's browser to decide what to do (display it or download it).

Any suggestions?

Many thanks!

-Josh
[ June 20, 2006: Message edited by: Josh Johnson ]
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Request.sendRedirect will force the browser to make a new request for the given resource. Either Tomcat or Apache HTTPD will be able to serve up static files without any extra coding on your part.
 
Josh Johnson
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the response Ben. I can't really do that because the browser needs to be denied access to the file if they don't have a valid session. If I merely send a redirect to their browser then that means that they could have accessed the file without validation. Granted, they would have to guess the correct URL, but I can't have that.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic