tags:

views:

31

answers:

2
+2  Q: 

How to keep an download url given for a user valid for a minute , once the time is elapsed, the web app should redirect to error page.

I want to provide a url to an requested user through email for a download request. The url is valid for a minutes, when user tries to access that url after a minutes the web app should redirect him to another page. what is the best logic to go about!!.kindly let me know your views.

+1  A: 

  1. Generate a large random string (GUID)

  2. Write this string with the timestamp to a database

  3. Give the user a link to /download?guid=[your guid]

  4. Write a servlet and map it to /download

  5. in your servlet

5.1. Read the GUID from the request parameter

5.2. check the database that the time is still valid

5.3. if yes, read the file from your server and stream it from the servlet to the user (make sure to set the content type correctly)

5.4. update the db-table to indicate that this GUID was already used

5.3' if not, redirect to error page

Nir Levy  2010-09-08 07:37:35
Need the alternative use case for the invalid request as well :)
willcodejavaforfood  2010-09-08 07:39:12
@Levy thanks but for an invalid request.is it possible without hitting database.
Suresh S  2010-09-08 07:42:08
Pierre's idea is nice as well.
Nir Levy  2010-09-08 09:00:34
@Suresh. Use Pierre's idea for initial validation of the timestamp. Pass both timestamp and guid. If the timestamp is valid, query the database (and re-check the time stamp) and the deliver the file (or not).
Nir Levy  2010-09-08 19:47:03
@Nir passing timestamp means currenttimestamp when url is created, and then when the url is accessed (current timestamp - passed one) > 10 seconds , then redirect to invalid page.
Suresh S  2010-09-09 06:31:30
+2  A: 

Create an URL to the resource to download that contains a query string with an encrypted expiration date. Very simple to manage and you don't have to rely on a database.

http://example.com/download.php?aid=jHYgIK7d

Pierre 303  2010-09-08 07:50:34
@Pierre i didnt understand.kindly explain the flow.
Suresh S  2010-09-08 07:53:44
One pragmatic way to tell a download page when it expired is to pass it the information in the query string. However you don't want the user to know how to set himself the expiration, so you encrypt it.
Pierre 303  2010-09-08 09:05:55
@Pierre but how do u know while file to download ,when the querystring is just an encrypted timestamp.somewhere we need to have relation with encrypted value and the file.
Suresh S  2010-09-08 11:24:57

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java