Menu
▾
▴
[jetty-discuss] Preventing direct resource linking without authorization.
|
From: <sen...@ne...> - 2005-09-16 16:54:47
|
Hello all, I have Jetty running embedded as a secure http and servlet server. I have ssl enabled but I'd like to prevent direct linking to any files on the server via authorization checks of sessions associated with the requests that come in. Is there a way to do this using Jetty? I am currently using Jetty version 4.2.24 I looked at the javadoc for the HttpServer class and it appears I'll have to somehow use a Realm but I am not sure how that will ensure that *every* request is checked, nor am I sure on how I would tie in my existing db authentication scheme into the one used by Jetty. It would be cool if I could have Jetty make a call to my authentication logic to authorize each server requests session, if the session has an authorized user, this should grant the request, if the session is expired or doesn't exist, the request should be denied. (this needs to happen across all loaded contexts and listeners) So any ideas on the matter? My thanks in advance for your time. Regards, David ______________________________________________________________________ NetZero Is Giving Away $3,000 A Day! Sign up for NetZero HiSpeed 3G with Instant On! Visit http://www.netzero.com/3Gsweeps TODAY for your chance to win! |