By design a user without the license "TIBCO Spotfire Enterprise Player" >> 'Save Spotfire Analysis File' is also able to save the analysis file as DXP through the link generated ("Location for the file in the library") on saving the file to the library.

There may be scenarios when you would want users not to download an analysis file from a web browser using the URL generated (when saving as a library item)

All supported operating systems

Example: http://10.97.XXX.XXX/spotfire/library?guid=672418a9-7c64-44ec-88b6-f36a090fe9a5

If one wants to restrict possibility to download an item from the library via <server>/spotfire/library?guid=...   may follow the below workaround:

1. Open  [tss_install_dir]\tomcat\webapps\spotfire\WEB-INF\security-filter.xml

2. Locate the section starting with this:
<security-config>
  <id>protected.web</id>

3. Remove the following line from that section.
<url-pattern>/library/*</url-pattern>

4. Locate the section starting with this:
<security-config>
  <id>excluded</id>

5. Inside that section below <url-pattern>/*</url-pattern> add the following:
<url-pattern>/library/*</url-pattern>

The result should look similar to:

  <!-- All-access should be denied to all resources that are not specified above -->
<security-config>
  <id>excluded</id>
  <security-constraint>
    <display-name>excluded</display-name>
    <web-resource-collection>
    <web-resource-name>No Access</web-resource-name>
    <url-pattern>/*</url-pattern>
    <url-pattern>/library/*</url-pattern>
  </web-resource-collection>
...

</security-config>

 6. Save the modified security-filter.xml and restart TIBCO Spotfire Server.

NOTE: Steps 1-6 has to be applied to each TIBCO Spotfire Server in the cluster. Step 1-6 also has to be repeated after Updating to new Service pack level and after Upgrading to new Server version.

RESULT: When you browse the URL after the changes above

Steps on how to block/restrict 'Save Spotfire Analysis File' option when using the Spotfire web player link