Reputation: 7318
How should I control the access to image in tomcat?
We have a web application written in java, there is a folder which contains many images, user can access those images using:
http://localhost:8080/test/images/a.jpg
I am thinking how can I control the images, and enable only authorized user can view those images ?
Please point me the right direction, thanks in advance !
Upvotes: 1
Views: 518
Answers (2)
Reputation: 23248
There is the standard Java EE declarative security you can define in web.xml. If you don't need fine-grained control over which users access which images, this might do and is fairly easy to configure. If you are using Tomcat, you also need to configure a security realm. This option will work well if, for example, users should be able to access all images or none at all.
This won't be a good option if you need fine-grained control over security, such as if each individual user has different access rights to different images.
Upvotes: 1
Reputation: 3968
I am assuming your web application is deployed under context "/test". You can implement a ServletFilter, and configure it to be executed for *.jpg (and any other image format pattern). Inside the ServletFilter, you can test for authorization.
Please see this link for more information on Servlet Filters. If you are using the latest Servlet 3.0 implementation, you can refer to this link.
Upvotes: 1
Related Questions
- How to deny web access to a Tomcat directory
- How to access an image from tomcat server path
- display images outside tomcat folder
- Restrict file access in Tomcat
- Secure Tomcat Webapps folder from direct user access
- tomcat 8 access image that is located on webapps using tomcat url
- tomcat deny access to specific files
- Protecting resources such as images in a servlet
- Tomcat servlet security