I'm writing a portal in PHP that allows users to upload DICOM images, and allow users of the same group to view those DICOM images through a Java Applet. The html code to display images through the viewer looks like this:
<APPLET archive=radscaper.jar codebase=./ code=com.divinev.radscaper.Main.class width=100% height=100%>
<PARAM NAME=Config VALUE=config.xml>
<PARAM NAME=DicomImg1 VALUE="relative_path1/image1.dcm">
</APPLET>
So the generated html passes in a file url to the java applet. The problem I'm facing is - files would be stored in a public directory and easily accessed by anyone knowing the file url. Is there a way I can restrict file access to a certain user group?