[jcifs] Right click bypasses security and downloads file
Bruce Altner
baltner at hq.nasa.gov
Fri May 10 08:06:08 EST 2002
Greetings:
I have a newly discovered problem with my file download page. My
application spawns several windows after the user logs in and one of these
is a list of files (SmbFile) that the user may download from the NT server
by clicking on the file name. Unfortunately, what I discovered was that if
the user logs out in a different window this doesn't close the fileList
window (we can't use Javascript...it's a requirement) so it stays open and
the user (or anyone else) could still download files.
To fix this I put a conditional in my download class which tests whether or
not the user is still logged in. If not, it throws the user back to the
login page. Great. I thought I was done. HOWEVER, this fix fails when the
user right clicks on the file. Apparently this bypasses all of the code
that does the downloading (e.g. SmbFileInputStream), as seen by inserting
System.out.println statements which are not executed. So if this is being
skipped, how is it that the files are still downloading? This happens in
both IE and Netscape.
How is this happening? Any clues?
Thanks,
Bruce
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the jcifs
mailing list