tags:

views:

95

answers:

3
Q: 

java:how to hide static resources like html ,images from user on jboss platfrom?

I have developed a java 1.4 web application.Application is deployed on jboss(tomcat).

suppose my folder structure is 

   mainfolder(contains subfolders and jsp pages)
        images(contains all of images files)
        headerfiles(header files)
        javascript(javascript files)

url for website login page is

     mywebsite.com/mainfolder/login.jsp

if user types complete url for some static resource

     mywebsite.com/mainfolder/images/myimage.jpeg

then he can view image on this url.

I want to stop user to view these resources.What should i do?

is there way some way to specigy pattern of file names which i dont want user to see. In that case i can specify *.ssi pattern to hide.

+3  A: 

If those images are used in your pages, the user will HAVE TO be able to download them to see them.

This is basic HTTP. If you want to download a resource, you need to have access to it.

Preventing your users from accessing mywebsite.com/mainfolder/images/myimage.jpeg will mean you WON'T be able to use this image in your HTML or CSS.

If those files should not be available to the user but only the server, don't publish them by keeping them in a non-published folder.

Vincent Robert  2009-11-20 08:15:17
can u please tell me how to keep those files in non published folder.what is difference between non published and published folder?Thanks
Maddy.Shik  2009-11-20 08:39:59
A published resource is accessible through the web server, a non-published isn't.
Andreas_D  2009-11-20 09:06:09
how to make non published folder?can u please refer me to some link for detail?i ma not able to find one.
Maddy.Shik  2009-11-20 10:07:36
+1  A: 

Anything put under the webapp's WEB-INF directory cannot be directly accessed by the browser.

skaffman  2009-11-20 10:27:44
if i put all of folders containing images,javascript etc?i will have to change change references to these resources which is in terms of thousands.like in case of javascript<script type="text/JavaScript" src="javascript/generic.js"></script>reference is specified relative to mainfolder.but now javascript folder no longer exist in mainfolder.So where should i make change.contextroot of my application is "/".Thanks
Maddy.Shik  2009-11-20 11:24:10
If you put things under `WEB-INF`, then the browser can't see them. That's what you asked for. Either you want the browser to see these resources, or you don't.
skaffman  2009-11-20 11:33:42
i dont want user to directly see those resources.But jsp pages should refer those resources.Otherwise i dont have any use for those resources.
Maddy.Shik  2009-11-20 11:37:36
i think if i put resources in web-inf then i will not be able to access resourecs from jsp.because in jsps these resources are refered by url.
Maddy.Shik  2009-11-20 11:48:22
A: 

I want to stop user to view these resources. What should i do?

Honestly, this makes no utter sense. How would the client ever be able to get the static data? You can put those files in /WEB-INF (a non-published folder) to hide them from direct access, but you can never use them in your JSP pages, simply because the client isn't able anymore to directly access it.

I think the biggest misconseption here is that you didn't realize that every image, CSS file, JS file, etc counts each as a fully independent HTTP request. It is not true that the complete website is been hauled by a single HTTP request.

BalusC  2009-11-20 12:08:03

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java