存储Web应用程序的临时数据的最佳实践 [英] Best practice to store temporary data for a webapp
问题描述
因此,我将文档模板按需复制到用户的临时文件夹中,并对其进行修改。我这样做是因为每个模板都必须在修改期间可用。
之后,用户通过我的webapp的下载链接获得他的文档。
我的问题:是否有存储webapp数据的最佳做法?我认为temp会很好。但由于我必须自己删除数据,所以我想将它放在tomcat webapp文件夹中的WAR文件夹之外。
我使用Windows 2003作为Tomcat的主机系统。我使用Grails,Java和Maven作为我的项目...不知道这些信息是否需要。
编辑:
我问这个小问题的主要原因是...如果我照顾创建/删除我的临时数据......在系统上使用临时文件夹还是一个好习惯吗?
我不确定这个...
在webapp中存储(敏感)用户特定文件时,请确保将其存储在 / WEB-INF 中的某个位置,并使用 Servlet 访问它们(间接)检查记录在用户中,否则它可以在万维网上的任何用户/黑客访问。其优点是可以通过 ServletContext#getResource()或 #getRealPath()以编程方式轻松访问。缺点是,每当您重新部署Web应用程序时,它们都会丢失。
您也可以将它们存储在默认的临时文件夹中。好处是它可以通过标准的API来访问,如 File#createTempFile()或 System.getProperty(java.io.tmpdir)。临时文件夹的缺点是操作系统控制的文件夹清理不能从Java控制,所以当您关闭资源但稍后仍然需要时,您可能会冒险丢失内容。
<您也可以将它们存储在webapp外的固定文件夹中。它的优点是,只要重新部署Web应用程序,东西就不会丢失。缺点是您需要自己创建文件夹,并拥有足够的操作系统权限,这可能不适用于第三方主机。
清理自己的临时资源当然属于你需要自己做的任务。我不认为这是一个问题。
只是超过了优点/缺点。
My newest project is able to generate documents with information from a database.
So I copy the document template on demand to a temporary folder for a user and modify it. I do this because every template must be available during modification.
Afterwards the user is awarded with his document via a download link from my webapp.
My question: Is there a best practice for storing webapp data ? I thought temp would be nice for it. But since I have to delete the data myself I thought of placing it besides my WAR folder in the tomcat webapp folder.
I use Windows 2003 as a host system with Tomcat. I use Grails, Java and Maven for my project...don't know if this information is needed.
Edit:
Main reason why I ask this trivial question is...if I take care of creating/deleting my temporary data...is it still a good practice to use temp folder on the system?
I am not sure about this...
When storing (sensitive) user-specific files in webapp, ensure that you store it somewhere in /WEB-INF and access them with a Servlet which (indirectly) checks the logged in user, otherwise it's accessible for any user/hacker on the world wide web. The advantage is that it's easily accessible programmatically by ServletContext#getResource() or #getRealPath(). The disadvantage is that they will get lost whenever you redeploy the webapp.
You can also store them in the default temporary folder. The advantage is that it is accessible by standard API's like File#createTempFile() or System.getProperty("java.io.tmpdir"). The temporary folder has the disadvantage that OS-controlled folder cleanup is not controllable from Java, so you may risk the stuff getting lost whenever you close the resource but still need it later.
You can also store them in a fixed folder outside the webapp. It has the advantage that the stuff don't get lost whenever you redeploy the webapp. The disadvantage is that you need to create the folder yourself with sufficient OS rights, which may not be applicable in 3rd party hosts.
Cleaning your own temporary resources certainly belongs to the tasks you need to do yourself. I wouldn't consider it as a concern.
Just outweigh the advantages/disadvantages.
这篇关于存储Web应用程序的临时数据的最佳实践的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
