Hello, I have a content management system running on Tomcat, and I have to serve different static content for authorized users.
Currently I have a download webapp, which is using the default servlet to serve this static content. The content directories are linked to the base dir of the download webapp and allowLinking="true" set for the context. For access control I have a filter to check the authorization of the users to the different content files. The problem with this is that if I redeploy or remove the download webapp then the content is also gone. And anyway, I'd like to have that file system stored content separately from the webapps or Tomcat. Currently I'm thinking on writing a download servlet to use instead of the default servlet, which serves files from configurable locations. Or to change the default servlet itself. I was also thinking on serving that static content with Apache httpd connected to Tomcat, but then how do I check the authorization? I have to keep the authorization checking part inside Tomcat. Do you have any idea, what would be the proper way to address this problem? Kind regards, Balint --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
