Thanks. It's clear now :)
2011/9/23 Pid <p...@pidster.com>
> On 22/09/2011 23:23, Omar Belkhodja wrote:
> > Thanks Pid. What do you mean by "a mapping" ? Is it some kind of servlet
> > that would read the file, and create the HTTP answer after having checked
> > the login ?
>
> An arbitrary URL structure:
>
> /images/{user}/{imageid}
>
> If /images/* was secured, then any user would be authenticated before
> your Servlet or Servlet Filter was executed.
>
> In your code, you would examine the Principal & see if it had permission
> to proceed. Then return the resource or an error, accordingly.
>
> Your code could request.forward() to another Servlet which actually
> returned the image, or could read the image from where it was stored &
> serve it directly into the outputstream.
>
> Up to you, where & how you store the image.
>
>
> p
>
>
