You can always fix this using Stripes. Register the *.whatever extension to a Stripes action and use StreamingResolution to return the file content.
This is a poor solution since Web containers are much better at streaming content, but at least it will work. Christian De : William Krick <kr...@3feetunder.com<mailto:kr...@3feetunder.com>> Répondre à : Stripes Users List <stripes-users@lists.sourceforge.net<mailto:stripes-users@lists.sourceforge.net>> Date : Monday, November 28, 2016 at 5:26 PM À : Stripes Users List <stripes-users@lists.sourceforge.net<mailto:stripes-users@lists.sourceforge.net>> Objet : Re: [Stripes-users] Strips user access control of linked files There's a custom mechanism that creates security tokens. I'm not really sure how it works as this is a large application and the security framework was developed by another group. I'm guessing that conceptually, a proper solution to "secure" file links would involve custom URLs that incorporate a security token string that are only valid for the current user in the current session. On Mon, Nov 28, 2016 at 4:30 PM, Rick Grashel <rgras...@gmail.com<mailto:rgras...@gmail.com>> wrote: Hi William, How are your users logging in right now? Through basic authentication or through a custom mechanism? -- Rick On Mon, Nov 28, 2016 at 2:23 PM, William Krick <kr...@3feetunder.com<mailto:kr...@3feetunder.com>> wrote: I'm working on a Stripes web application that provides links to tutorial files. The users have to log into the application. The problem is that the links to the tutorial files are accessible to anyone, whether they are logged into the application or not. The links should only be accessible to logged-in users. Is there some standard way that this is done? Also, should the files be hosted outside of the web-accessible root directory? I don't want to have to bundle the files inside the deployment war because they may need to be updated outside of the normal app deployment cycle. ------------------------------------------------------------------------------ _______________________________________________ Stripes-users mailing list Stripes-users@lists.sourceforge.net<mailto:Stripes-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/stripes-users ------------------------------------------------------------------------------ _______________________________________________ Stripes-users mailing list Stripes-users@lists.sourceforge.net<mailto:Stripes-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/stripes-users ------------------------------------------------------------------------------ _______________________________________________ Stripes-users mailing list Stripes-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/stripes-users
