I 've created a servlet to let users download a file . When the file is downloaded , I want it to be ReadOnly so that the user can't modify its content . So I've used the java.io.File class :
downloadFile.setWritable(false);
but I realized that the user can unset the read only flag after downloading the file .
What can I to prevent unsetting the read only flag?
I've created a servlet to let users download a file.
That servlet will be running on the web server. It's not running on the user's local computer - so it can't change anything about the user's local file system. Even your downloadFile.setWritable(false) won't operate on the user's local file system - the file will be saved by the browser, and the user gets to do whatever they want with it.
Even if you are running some app separately to your service, it would be not only hard, but pretty unfriendly to create a file which the user couldn't touch on their own system. You could try to run your app as a separate user, and give appropriate permissions to both the file and the directory it runs in - but then if the user has access to an administrator account, they'd still be able to override that.
As a user has downloaded your file, he can do anything with this file. If you are concerned about authenticity of the downloaded file, then consider data signing.
Sign your file using key, that is stored on the server and which is not available to end user.
To verify the file authenticity implement a servlet with functionality described in the link above.
Related
This is an odd situation but I'm curious if anyone else has seen this behavior. We're attempting to monitor files in Google Drive in a Windows environment where the user has admin privileges. By default, when GDrive is installed the user that installed it has all READ/WRITE access.
Our application is installed as the SYSTEM user (so that it can monitor files across all users)which does not have READ access to the Google Drive folder... So we are programmatically trying to grant READ access to the GDrive folder.
When we do this as SYSTEM, I update the ACL of the GDrive folder to be set to READ for the SYSTEM user... everything looks like it should (when manually inspecting the security permissions). However, when we try and access the folder an exception is thrown (FileSystemException using the com.jniwrapper.win32.io class)
However, if I set the SYSTEM READ permission on the GDrive folder using the logged in admin user we are able to access the contents of the folder with no problem. Has anyone seen any behavior like this? Thanks.
This was resolved after looking at the formatted list of ACL permissions using this Powershell command:
Get-Acl 'C:\Users\user\Google Drive' | format-list
What I noticed when we were setting READ permission programmatically vs setting it manually is that SYNCHRONIZE AclEntryPermission was set when we did it manually. However, we did not include that permission when attempting to do it programmatically... adding that additional permission allowed us to grant READ permissions to the Google Drive folder.
I have an android application, which wants the user to login each time he runs the app. So, the login procedure is simple, using the sqlite dabase file i'm using. I've copied the file in assets folder and doing the necessary modifications. But, the database file is of no use unless it is on the server. I don't have any server so i'm thinkin of keeping the database file on dropbox, google drive etc and then read or update that file as per user commands. The question is how to do that? I was searching the web for it, and found that the only way is downloading the db file modifying it and the uploading it back. Can anyone give me an example??
Doing that isn't possible unless you have a server.
Because, if you are using dropbox, first you'll have to make your file public in order to download it (Not recommended at all. Compromises security). Then you can use the url to download the file. But you won't be able to upload it back (Unless you are able to login to dropbox through your Android code).
Instead if you a web server with MySQL n PHP, you can easily send POST requests to your server.
I have a normal web application which are store user details and their images, we are creating user wise run time folders to store their all profile pictures.
example:- upload/user_1/anyimage.jpg
Also I have another java process(running as thread in server) which we are using to parse user data in bulk and after parsing we save it in database also we are creating run time folder to store user's profile pictures with same file structure.
example:- upload/user_2/anyimage.jpg
Now problem is:- when user 2 wanted to change their profile picture using UI(php application) using move_upload_file()
we are getting permission denied error.
When I have investigate more deeply I found that when folder has created using java application its owner is root and my php application is running under daemon user so that's the reason behind permission denied error.
How to overcome this problem, because we neither can change user who is running php application(because its system backend user) nor my java application.
As I am very new to this forum, please let me know if this is write place for this.
use chmod
chmod('/path/to/folder/, 0755);
if you want to change the ownership use:
$path = "/path/to/folder" ;
$user_name = "root";
// Set the user
chown($path, $user_name);
I'm making an intranet page where the users will put in some information (text). My application will take this text and go through files on a shared drive that the webserver has access to. Based on the text and some logic it'll find the file that matches.
Now that I have the full absolute file path of the matched file, I'd like the users to be able to download the file from the page as well. However, since the file doesn't exist in my application I can't serve it.
All I have is the network share like: \\somenetwork\share\filename.pdf
Is there a way I can let users download this file (with the above path) from the intranet page?
I've tried:
<a href="\\somenetwork\share\filename.pdf"> but that does not work.
also tried prepending file:// but that link does nothing. not even open the file or give the option to download.
PS: I understand that this should ideally be a script on the command line. I'm just trying to turn a command line script into an intranet page.
This works in chrome and ie. For a txt file on a shared drive (that I have access to), it opens the file in the browser.
test
You have to ensure the user has access to the shared drive for this to work.
Otherwise you'll need to host the file somewhere (e.g. via the webserver).
We have a web application that allows user to download a zip file from a web server. We just provide dummy iframe source to the full URL of zip file on web server. This approach would allow end user to use browser controls which allows the user to open or save the zip to user's local machine.
We have a requirement that the zip file is automatically extracted and save to a specific location on user's machine. Any thoughts on how this can be achieved?
Thanks.
I highly doubt that you'll be able to do that. The closest you're likely to get is to generate a self-extracting executable file (which would be OS-dependent, of course).
I certainly wouldn't want a zip file to be automatically extracted - and I wouldn't want my browser to be able to force that decision upon me.
Short answer is I don't believe this is possible using the simple URL link you've implemented.
Fundamentally the problem you have is that you have no control over what the user does on their end, since you've ceded control to the browser.
If you do want to do this, then you'll need some client-side code that downloads the zipfile and unzips it.
I suspect Java is the way to go for this - Javascript and Flash both have problems writing files to the local drive. Of course if you want to be Windows only then a COM object could work.
Instead of sending a zip file why don't u instruct the web server to compress all the web traffic and just send the files directly?
See http://articles.sitepoint.com/article/web-output-mod_gzip-apache# for example.