There's a custom mechanism that creates security tokens. I'm not really sure how it works as this is a large application and the security framework was developed by another group.
I'm guessing that conceptually, a proper solution to "secure" file links would involve custom URLs that incorporate a security token string that are only valid for the current user in the current session. On Mon, Nov 28, 2016 at 4:30 PM, Rick Grashel <rgras...@gmail.com> wrote: > Hi William, > > How are your users logging in right now? Through basic authentication or > through a custom mechanism? > > -- Rick > > On Mon, Nov 28, 2016 at 2:23 PM, William Krick <kr...@3feetunder.com> > wrote: > >> I'm working on a Stripes web application that provides links to tutorial >> files. The users have to log into the application. The problem is that >> the links to the tutorial files are accessible to anyone, whether they are >> logged into the application or not. >> >> The links should only be accessible to logged-in users. >> >> Is there some standard way that this is done? >> >> Also, should the files be hosted outside of the web-accessible root >> directory? >> >> I don't want to have to bundle the files inside the deployment war >> because they may need to be updated outside of the normal app deployment >> cycle. >> >> ------------------------------------------------------------ >> ------------------ >> >> _______________________________________________ >> Stripes-users mailing list >> Stripes-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/stripes-users >> >> > > ------------------------------------------------------------ > ------------------ > > _______________________________________________ > Stripes-users mailing list > Stripes-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/stripes-users > >
------------------------------------------------------------------------------
_______________________________________________ Stripes-users mailing list Stripes-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/stripes-users
