1 Reply Latest reply on Feb 8, 2010 6:32 AM by Adam Wells

    Securing web start

    Matthew Hibberd Newbie


      I have a web application that is using Seam and it includes a web start application. I need users to have to sign in before they can start/download the web start.

      My problem is that I cant find a solution to secure access to the jnlp and related jars behind the login to the Seam app. So for example, if someone was to learn the URL of the jnlp/jar(s), they could simply type it in the address bar and download them without logging in. Is there a way to secure access to such resources using a Seam authentication method? If so, could you give me a pointer to a page of documentation or example that I must have missed.


        • 1. Re: Securing web start
          Adam Wells Newbie

          I also had this problem trying to secure .swf resources obtained after logging into a Seam app.

          Solved it by adding this line to components.xml :


          <web:authentication-filter url-pattern="/secure/*" auth-type="basic"/>

          Resources in the /secure directory are available after Seam authentication.

          Not sure if that is the best way to go, but it is the only appraoch I have been able to find.