Re: Restrict direct access to static content

2011-02-22 Thread Miguel
You can always make a request aware struts action that returns a stream (not a jsp) and inside the action You can put everything You want to check the user. Open the file with a fileinputstream from an internal resource directory. Enviado desde mi Nexus S Miguel Ruiz Velasco Sobrino On Feb 16, 201

Re: Restrict direct access to static content

2011-02-16 Thread Brian Thompson
On Wed, Feb 16, 2011 at 11:34 AM, Dave Newton wrote: > 2011/2/16 Luis Eric López Fernández wrote: > > I am thinking to do something that will completely destroy the purpose of > > struts hehe.. I will add a servlet to handle all the requests different > than > > .action and there I will redirect

Re: Restrict direct access to static content

2011-02-16 Thread Dave Newton
Access to the resources isn't the issue, though. Dave On Wed, Feb 16, 2011 at 12:28 PM, Chris Pratt wrote: > Basically you need to implement an Authentication/Authorization system in > your app (you can start with Spring Security if you're not comfortable doing > a scratch implementation).  Then

Re: Restrict direct access to static content

2011-02-16 Thread Chris Pratt
Basically you need to implement an Authentication/Authorization system in your app (you can start with Spring Security if you're not comfortable doing a scratch implementation). Then use that system to protect all your assets. (*Chris*) On Wed, Feb 16, 2011 at 9:24 AM, Vitor De Mario wrote: >

Re: Restrict direct access to static content

2011-02-16 Thread Dave Newton
2011/2/16 Luis Eric López Fernández wrote: > I am thinking to do something that will completely destroy the purpose of > struts hehe.. I will add a servlet to handle all the requests different than > .action and there I will redirect to an error page.  =S How will you request them from within the

Re: Restrict direct access to static content

2011-02-16 Thread Luis Eric López Fernández
I'm pretty much trying to do the following: 1.- user tries to access a static resource directly 2.- app receives the request 3.- application directs the user to a default location, but not the requested resource I am thinking to do something that will completely destroy the purpose of struts hehe

Re: Restrict direct access to static content

2011-02-16 Thread Vitor De Mario
Unfortunately I don't know a solution to the problem, but what he's trying to do doesn't look that strange to me. I believe Luis'd like to hide his internal folder structure, probably. Struts 2 URL's are made up, don't correspond to any physical folders, but .js, .css and the like would probably ha

Re: Restrict direct access to static content

2011-02-16 Thread Alex Lopez
Correct me if I'm wrong, I think you could achieve this by doing: in web.xml: struts2 org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter struts2 /* and in struts.xml: so struts2 catches all url requests as actions, unless specified in the exc

Re: Restrict direct access to static content

2011-02-16 Thread Luis Eric López Fernández
It *sounds* like what you're trying to do is to only allow access to static resources if they're requested from within a web page--is that correct? *That's correct Dave!* Why* are you trying to do that? The answer may dictate the solution. You can always stream static resources to the browser via

Re: Restrict direct access to static content

2011-02-16 Thread Dave Newton
2011/2/16 Luis Eric López Fernández wrote: > So my first attempt to fix this is by adding the following lines to the > web.xml file: > >     >         >            RestrictedDirectories > >            /AppName/images/* > >         >     > > (*) My app is running on a Websphere app server. > > But i

Restrict direct access to static content

2011-02-16 Thread Luis Eric López Fernández
Hello there, I am new with Struts2 and I need to restrict direct access to my app's static content. Right now users can access to images, css, js, and pdfs by directly typing in the resource URL, something like: http://server:port/AppName/images/image_name.jpg Will take them to the place where t