In liferay I have
So using code in my-portlet I have given links to given file in myimages folder for a specific user.
Link would be
Problem Statement: I have to restrict a user (rather than defined role in liferay) so that s/he should not be able to access any of the files in myimages folder as s/he user hits on direct above link.
What I have tested:
- I have checked .htaccess file will NOT be useful since liferay has tomcat rather than apache server.
- Created a filter class by which I can intercept any request made should process through.
- openLDAP can not use since we are having separate authentication mechanism.
So if anyone has idea how to deal with this security issue, please suggest me.