> What would be the best sollution if I have resources (non-HTML like > movies etc.) which I want to protect with a custom made authentication?
use Servlets. serve binary data as the output stream instead of text/html . You can authenticate and do all your other "ok, is this person authorized, what is the filename" etc., and then serve the headers and the file. If you're interested in security, definitely do not have any part of the filename as a request parameter -- look up the filename in the database. There are packages that implement the raw binary serving in a rudimentary way, I'm thinking specifically: http://www.servlets.com/cos/index.html see the ServletUtils.returnFile method...this should get you started. Be sure to read the license before using or looking at this code. cheers fillup On 5/31/02 1:38 AM, "Markus Kirsten" <[EMAIL PROTECTED]> wrote: > What would be the best sollution if I have resources (non-HTML like > movies etc.) which I want to protect with a custom made authentication? > I have a servlet which takes care of my authentication and I want this > servlet to be able to either grant or permit access to a resource based > on wheter the particular user has an account (in a back end database). > > Thank you! > > > Markus > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
