如何保护基于 XML 的数据源?
我有一个基于 GWT / SmartGWT 的应用程序,它部署在 Google App Engine 上。我正在使用基于 XML 的数据源。所有用户的应用程序正常运行都需要此文件。但是,我不希望非管理员用户能够通过在地址栏中指定其完整路径来直接查看或下载该文件。我无法使用下面提到的 GAE 的安全约束(仅允许管理员访问),因为这将使应用程序对普通用户毫无用处。
<security-constraint>
<web-resource-collection>
<url-pattern>ds/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
那么,有没有一种方法可以阻止用户直接访问该文件,但仍然允许他们通过应用程序使用它?
提前致谢。
更新(2011 年 5 月 3 日):
我的数据位于多个 XML 文件中,并且所有数据都是只读的(只能获取,不能对这些文件进行添加/更新/删除)。我在客户端上有一些使用此数据的不同功能。大多数时候,每个功能都有一个单独的数据源。在某些情况下,我与 SmartGWT 小部件(如 ListGrid)进行数据绑定,而在其他情况下,我只需将数据转换为对象并在客户端上使用这些对象。
I have a GWT / SmartGWT based application, which is deployed on Google App Engine. I'm using an XML based datasource. This file is required for the application's normal operation for all users. However, I do not want non-admin users to be able to view or download this file directly by specifying its full path in the address bar. I cannot use GAE's security constraint (allow access to admins only) as mentioned below because that will render the application useless for normal users.
<security-constraint>
<web-resource-collection>
<url-pattern>ds/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
So, is there a way I can prevent users from directly accessing the file, but still allow them to use it through the application?
Thanks in advance.
UPDATE (May 3, 2011):
I have data in multiple XML files and all the data is read-only (only get, no add/update/delete on these files). I have a few different functionalities on the client that use this data. Most of the times, each functionality has a separate datasource. In some cases, I have databinding with SmartGWT widgets (like ListGrid) and in others, I simply convert the data into objects and use the objects on the client.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
那么该文件必须由客户端代码(javascript)下载,但您不希望用户看到它?
这是无法完成的 - 如果数据在客户端上可用,则可以访问它。
解决方案是:
错误的解决方案:通过 GWT-RPC 公开此数据,而不是通过文件下载。 GWT-RPC 很难进行逆向工程,因此“普通”最终用户将无法简单地下载数据。但是,具有一定知识的用户将能够做到这一点,因此这不是保护敏感数据的解决方案。
正确的解决方案:仅向客户端公开给定用户所需且相关的数据。使用 GWT-RPC 访问此数据,或者如果您还有其他非 GWT 客户端,则使用 REST。不要暴露任何敏感数据。这基本上迫使您在服务器上而不是在客户端上实现业务逻辑。这是正确的做法。
更新:
您仍应保护 servlet :
So the file must be downloaded by the client code (javascript) but you do not want users to see it?
This can not be done - if data is available on the client then it can be accessed.
The solutions are:
Wrong solution: expose this data via GWT-RPC, instead via file download. GWT-RPC is hard to revers-engineer so "normal" end-users will not be able to simply download the data. However, users with some knowledge will be able to do it so this is no solution for securing sensitive data.
The right solution: Expose to the client only data that is needed and relevant for given user. Use GWT-RPC to access this data, or use REST if you have also other non-GWT clients. Do not expose any sensitive data. This basically forces you to implement business logic on the server instead on the client. Which is the right thing to do.
Update:
you should still secure the servlet: