<% String objectId = request.getParameter("id"); String userName = dbBean.getCookie(request, "userName"); String password = dbBean.getCookie(request, "password"); if (userName==null || password==null) response.sendRedirect("Login.html"); // 'userName' and 'password' cookies are found // now let's see if user has access to the file String filename = dbBean.getFilename(objectId, userName, password); if (filename==null) response.sendRedirect("Login.html"); else { downloadBean.forceFilename(filename); downloadBean.download(response, dbBean.getDataPath() + objectId); } %>