Example: http://10.97.XXX.XXX/spotfire/library?guid=672418a9-7c64-44ec-88b6-f36a090fe9a5
If one wants to restrict possibility to download an item from the library via <server>/spotfire/library?guid=... may follow the below workaround:
1. Open [tss_install_dir]\tomcat\webapps\spotfire\WEB-INF\security-filter.xml
2. Locate the section starting with this:
<security-config>
<id>protected.web</id>
3. Remove the following line from that section.
<url-pattern>/library/*</url-pattern>
4. Locate the section starting with this:
<security-config>
<id>excluded</id>
5. Inside that section below <url-pattern>/*</url-pattern> add the following:
<url-pattern>/library/*</url-pattern>
The result should look similar to:
<!-- All-access should be denied to all resources that are not specified above -->
<security-config>
<id>excluded</id>
<security-constraint>
<display-name>excluded</display-name>
<web-resource-collection>
<web-resource-name>No Access</web-resource-name>
<url-pattern>/*</url-pattern>
<url-pattern>/library/*</url-pattern>
</web-resource-collection>
...
</security-config>
6. Save the modified security-filter.xml and restart TIBCO Spotfire Server.
NOTE: Steps 1-6 has to be applied to each TIBCO Spotfire Server in the cluster. Step 1-6 also has to be repeated after Updating to new Service pack level and after Upgrading to new Server version.
RESULT: When you browse the URL after the changes above