Restrict user to directly call an excel file by typing URL in browser address

Hi,

I have a java servlet which on authentication redirects an Excel file.
But I found the URL of the Excel file can be directly pasted in the
browser address bar and then also the file can be directly downloaded
without authentication.

eg. I would like to restrict user from directly downloading the Excel
file by entering the URL www.mysite.com/my/download/data.xls in IE
address bar.

The code below is what I am currently playing trial-and-error with. I
would really appreciate any suggestions of whether I'm on the right
track or not. I have a feeling I need to use DataOutputStream
somewhere, but I'm really not sure.

Any code, directions, help or suggestions would be great! Thanks :)

Code:

DataInputStream dis = null;

byte[] buffer = new byte[0];

try
{
    File f = new
File("./myserver/website_files/otherfiles/excelFile.xls");

    if (f.length() == 0)
    {
        //error handling
    }

    if (f.list() != null)
    {
        //error handling
    }

    FileInputStream fis = new FileInputStream(f);
    BufferedInputStream bis = new BufferedInputStream(fis);
    dis = new DataInputStream(bis);

    dis.readFully(buffer);
}
catch (IOException e)
{
    //error handling
}
finally
{
    // if the file opened okay, make sure we close it
    if (dis != null)
    {
        try
        {
            dis.close();
        }
        catch (IOException ioe)
        {
        }
    }
}