.htaccess - disallow access of internal files in liferay -


in liferay have
--tomcat
  --webapps
   --myimages
   --my-portlet
using code in my-portlet have given links given file in myimages folder specific user.
link
http://localhost:8080/myimages/user1.jpg

problem statement: have restrict user (rather defined role in liferay) s/he should not able access of files in myimages folder s/he user hits on direct above link.

what have tested:

  1. i have checked .htaccess file not useful since liferay has tomcat rather apache server.
  2. created filter class can intercept request made should process through.
  3. openldap can not use since having separate authentication mechanism.
    if has idea how deal security issue, please suggest me.

urls resolved through individual webapps (like myimages), not through liferay, not have idea of user accesses liferay: they'll shielded other (and in case totally unrelated) webapplication liferay.

what can provide these files through portlet plugins , serve images through resource-urls in portlet. goes through portal context (in fact, urls point liferay, despite implementation in different webapplication) , you'll able check permissions of current user. read file , pipe resourceresponse's output stream.

if files indeed static web resources, might want put them in myimages/web-inf/images - tomcat refuse directly serve under web-inf, portlet able access these files.


Comments

Post a Comment

Popular posts from this blog

php - failed to open stream: HTTP request failed! HTTP/1.0 400 Bad Request -

this code i'm using find latitude , longitude of place: function coords($address){ echo $url="http://maps.googleapis.com/maps/api/geocode/json?address=".$address; $json = file_get_contents(urlencode($url)); $data = json_decode($json, true); print_r($data['results'][0]['geometry']['location']['lat']); print_r($data['results'][0]['geometry']['location']['lng']); } however returns warning: failed open stream: http request failed! http/1.0 400 bad request if use above code in simple procedure works fine not in function. note: have tried curl_init()... method produced same result? instead of encoding whole url encode address part. following code work fine $add='jamshoro phase 2'; $url="http://maps.googleapis.com/maps/api/geocode/json?address=".urlencode($add); $json = file_get_contents($url); $data = json_decode($json, true); print_r($data['r
Read more

java - How to filter a backspace keyboard input -

i have code gives message when key number pressed: txtvalueofclause.addeventfilter(keyevent.key_typed, new eventhandler<keyevent>() { @override public void handle(keyevent t) { char ar[] = t.getcharacter().tochararray(); char ch = ar[t.getcharacter().tochararray().length - 1]; if (!(ch >= '0' && ch <= '9')) { system.out.println("the char entered not number"); t.consume(); } } }); now if press on wrong button , press backspace remove it, error message. how can add backspace input if statement? i have found answer: txtvalueofclause.addeventfilter(keyevent.key_typed, new eventhandler<keyevent>() { @override public void handle(keyevent t) { char ar[] = t.getcharacter().tochararray(); char ch = ar[t.getcharacter().tochar
Read more

java - Show Soft Keyboard when EditText Appears -

i have code in android app, alert dialog , keyboard, , when dialog shown want keyboard appear. not , not sure why? here code: final alertdialog.builder alert = new alertdialog.builder(this); alert.settitle("title"); alert.setmessage("message"); final edittext input = new edittext(this); input.setinputtype(inputtype.type_class_number); alert.setview(input); input.setonfocuschangelistener(new view.onfocuschangelistener() { @override public void onfocuschange(view v, boolean hasfocus) { if (hasfocus) { log.i(tag, "in focus"); inputmethodmanager inputmethodmanager = (inputmethodmanager) getsystemservice(context.input_method_service); inputmethodmanager.showsoftinput(input, inputmethodmanager.show_implicit); } } }); but keyboard not appear though edit text in focus, , tell appear why, doesn't come up? thanks in advance.
Read more