Menu
I am serving images from a folder outside a web application. I stored images inside C:\source\Pictures. I configured this resource as a static resource in spring's servlet context file:
<resources location="file:///C:/source/Pictures/" mapping="/img_resources/**"/>
I display images stored in that folder using
<img src="<spring:url value='/img_resources/guinnes_choc_cake.jpg/'/>"></img>
It work well for me. However, I have security concerns. I would not want to expose a directory in my server to the public.1
Is there a way to built security around this folder in Spring ?
550
The Ant matchers match against the request path and not the path of the resource on the filesystem.So ignore any request that starts with "/resources/". This is similar to configuring http@security=none when using the XML namespace configuration.
For adding a Spring Boot Security to your Spring Boot application, we need to add the Spring Boot Starter Security dependency in our build configuration file. Maven users can add the following dependency in the pom. xml file. Gradle users can add the following dependency in the build.
Using Spring BootSpring Boot comes with a pre-configured implementation of ResourceHttpRequestHandler to facilitate serving static resources. By default, this handler serves static content from any of the /static, /public, /resources, and /META-INF/resources directories that are on the classpath.
If you are using Spring Security you could add something like this to your Spring context file(s):
<sec:intercept-url pattern="/img_resources/**" access="isAuthenticated()" />
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
