I'm considering tools and utils for a new project and WebStart looks like it could suit our needs just perfect.
Just one little question:
If I have a system with multiple applications controlled by WebStart, is it possible to restrict user access?
I need to be able to present different selections of applications to different types of users, is this possible to configure/code for WebStart?
Thankful for pointers
At what point do you want to treat different users
differently (like allowing access to different apps)?
Possible points could be:
- at the webserver level (different download pages,
that are access protected)
- different Web Start application caches (as far
as I understand under Win32 all users share
one cache - but this seems subject to some
property configuration in WebStart)
- within the application (the app expecting different
license keys, passwords or such)
- within Web Start (Web Start utility asks for password,
this could be achieved by writing a custom jnlp
client - think openjnlp as example
http://openjnlp.nanode.org/)
I think the first two options are not useful, as
users might get the application somewhere else
and just copy it onto their box - this is also
true for the last option.
So I would put access control into the applications
themselves.
Thanks for the pointers!
I was thinking of trying to use the sercurity control of the web server itself i.e. access restrictions on the download pages. Of course, a user can "rip" an app from another client. Disregarding that flaw, how does the ApplicationManager handle a download page the user does not have access to? I mean what happens when the user launches a controlled app. from ApplicationManager instead of the download page itself?
Is it possible for ApplicationManager to handle this situation in a meaningful way or will the user get an HTTP 404 or 405 error?