Hi, I'm running tomcat webserver standalone. Is there a way to stop hotlinking images? I know you can do this with apache but what about standalone tomcat? Thanks.
If by that you mean requiring all image requests to come from known legal users, sure. Just have the image link point to a servlet rather than a file and have the servlet check for a valid session before sending the image data.
I'm trying to prevent people typing image.jpg in the url to go to the image directly.
Ok, thats what I was talking about, Tomcat will only serve images directly from the main web application directory. Put you images somewhere else and create a servlet to send them after checking for a valid user. Bill
You could do this with a filter as well. Put all your restricted images in a directory (member-img). Then create a filter that checks a user's login credentials (usually stored in session) and allows the request to pass if the user should be allowed to access that directory. Map that filter to your member-img directory.