Reputation: 2632
How to avoid deletion of Uploaded files in directory when redeploying the WAR in realtime Server?
I'm currently working on a Spring MVC web application. I was told to save the images in the SQl as blob, but from my understanding, number of images will grow bigger in time which will slow down the process time for each and every thread due to large size. I thought to store the files in
String uploadDir = request.getSession().getServletContext().getRealPath("/resources")+"/" +user.getTenantId()+ "/" +user.getUsername()+ "/";
I know this will lead to deletion of those files when redeploying the war file. I searched a lot of times and found that it's good to configure to a folder outside the entire application. This is not a problem in Local machines. Consider when I'm implememnting it for realtime servers, how could I specify an outside folder in server..? Also will it be secure if I configure like this way..?
Upvotes: 0
Views: 240
Answers (2)
Reputation: 718826
I know this will lead to deletion of those files when redeploying the war file.
Well don't put the files there! There is no reliable way to prevent the files from being deleted when you redeploy.
The obvious solution is to put the files somewhere else. Create a directory that the webserver can write to and put the uploaded files there.
Consider when I'm implememnting it for realtime servers, how could I specify an outside folder in server?
Use a configuration file of some kind.
Also will it be secure if I configure like this way?
That depends. For example, it depends on
- where you put the directory (in case you fill up a file system),
- whether you set the permissions correctly on the directory,
- whether you use a restricted account for running the webserver, and
- whether you guard against "tricky" pathnames in user requests; e.g. ones with embedded "../" that could be used to "escape" from the upload directory and read or write files that the user shouldn't be accessing.
But you need to watch out for most of these even if you put the uploads in the deployed webapp directories.
Upvotes: 2
Reputation: 57381
Define the uploadDir path soemwhere in configuration (e.g. create config.properties file) and when you deploy on any local or production environment change the setting to reflect correct path to the files dir.
Also it's not safe to place th files in the resources dir if you need to isolate one user's files from another users. Guess the resources dir is accessible by entire application so any user can get al files of another users. That's the second reason to keep the directory out of web application dir.
Upvotes: 0
Related Questions
- How to delete a file after sending it in a web app?
- spring boot uploading permanent files
- Where do i have to store uploaded files in maven spring mvc?
- Uploaded files are deleted using Apache Commons FileupLoad and Spring MVC
- Where saving a file after being uploaded in Spring MVC
- Preserving file uploaded between views
- When tomcat redeploy, the previous upload files are missing
- File uploaded on a web application
- File storage in Spring
- Keep file between http requests