Hello Everyone,
This is sort of a followup to the protecting files question I asked earlier
today.
I would like to protect a file so that only certain users could download it
from my website. It would be very easy for me to simply use IIS Admin to
remove anonymous access to that file and to create a new account on the web
server and give those account credentials to my users. That would prohibit
people from directly accessing the file unless they knew the username and
password.
My question is this: Is there a way for me to write an ASP page that
"embeds" these logon credentials into a hyperlink to a page, or that
automatically logs a user on with hard-coded credentials?
What I'm thinking is that I can authenticate my users against my own app's
database, and then if successful I could perform a behind-the-scenes basic
Windows logon (with all users using the same Windows account) to actually
provide the file to the users. (In my case, my user accounts are stored in
SQL--they are not windows accounts.)
I'm pretty good at figuring out stuff for myself, but I'm not sure that I'm
searching on the right terms in Google and MSDN. What would I use to do what
I want to do?
My flow would look like this:
1. default.asp (has html form for credentials)
2. nextpage.asp (authenticates user to my DB and if successful, performs
Windows basic logon to authenticate the user to IIS with a generic account.
At this point we would switch over from "iusr_computern ame" to "user1" or
whatever generic name I pick)
3. Now that we're authenticated to IIS, the page could link to the
NTFS-permissioned files.
Using ASP to perform a basic windows logon in step 2 is the section I'm
having trouble with.
Thanks a million,
Brian
2  1517 
I should add to this question:
I'm thinking that since basic windows authentication is done via the HTTP
header, that maybe I could write an ASP page that forwards (like
response.redire ct) to another page but that includes my custom header with
the credentials inside?
a. Is that possible?
b. Would that prevent users from seeing my custom header and then user
credentials?
Thanks again,
Brian
"Brian Madden" <br***@brianmad den.com> wrote in message
news:ua******** ******@TK2MSFTN GP10.phx.gbl... Hello Everyone,
This is sort of a followup to the protecting files question I asked
earlier today.
I would like to protect a file so that only certain users could download
it from my website. It would be very easy for me to simply use IIS Admin
to remove anonymous access to that file and to create a new account on the
web server and give those account credentials to my users. That would
prohibit people from directly accessing the file unless they knew the
username and password.
My question is this: Is there a way for me to write an ASP page that
"embeds" these logon credentials into a hyperlink to a page, or that
automatically logs a user on with hard-coded credentials?
What I'm thinking is that I can authenticate my users against my own app's
database, and then if successful I could perform a behind-the-scenes basic
Windows logon (with all users using the same Windows account) to actually
provide the file to the users. (In my case, my user accounts are stored in
SQL--they are not windows accounts.)
I'm pretty good at figuring out stuff for myself, but I'm not sure that
I'm searching on the right terms in Google and MSDN. What would I use to
do what I want to do?
My flow would look like this:
1. default.asp (has html form for credentials)
2. nextpage.asp (authenticates user to my DB and if successful, performs
Windows basic logon to authenticate the user to IIS with a generic
account. At this point we would switch over from "iusr_computern ame" to
"user1" or whatever generic name I pick)
3. Now that we're authenticated to IIS, the page could link to the
NTFS-permissioned files.
Using ASP to perform a basic windows logon in step 2 is the section I'm
having trouble with.
Thanks a million,
Brian This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: dan glenn |
last post by:
(PHP 4.3.4) THIS IS DRIVING ME NUTS!
I have a website where I offer members their own bit of webspace to use and
am coding a very simple 'filemanager' that allows a user to upload, delete,
and edit text files (members, of course, will not have normal sign-on FTP
access to the site - I just limit them to their own folder space). I'm
hitting a real problem with file and directory permissions, in that it seems
I'm experiencing...
|
by: Dmitry |
last post by:
Hi folks!
I need to find a way to switch to a different Unix user from within
the Perl script that is currently ran unattended. Script must switch
user in order to execute proper profile for different Data Base
Instance and set corresponding environmental variables correctly.
Script works fine for a single Data Base Instance. I need to be able
to run it consecutively for several others instances. This requires
login in as a different...
|
by: Fotios |
last post by:
Hi guys,
I have put together a flexible client-side user agent detector (written in
js). I thought that some of you may find it useful. Code is here:
http://fotios.cc/software/ua_detect.htm
The detector requires javascript 1.0 to work. This translates to netscape
2.0 and IE 3.0 (although maybe IE 2.0 also works with it)
|
by: ern |
last post by:
I have a program that runs scripts. If the user types "script
myScript.dat" the program will grab commands from the text file, verify
correctness, and begin executing the script UNTIL...
I need a way to stop the execution with user input. I was thinking
something like this:
while(user hasn't pressed 'any key'){
keepExecutingScript();
}
|
by: Michelle Stone |
last post by:
Hi everybody
I am writing a simple asp.net application using form
authentication. I store the list of all users and their
passwords in an SQL Server database table.
My client recently told me that he wants me to do
something through which only one user can login using any
given account name. I mean to say, for example, when a
user called "abc" is online, another person shouldn't be
| | |
by: bill |
last post by:
I have the following user control in my project simply
for setting focus to a control:
Public Class SetFocus
Inherits System.Web.UI.UserControl
|
by: phal |
last post by:
Hi
I think there are many different browsers to browse to the Internet,
how can I write the javascript to identify different browser and
display according to the users. Some browser disable the javascript by
default or by the user, how can i solve this problem if the javascript
is disable.
thank you
|
by: rn5a |
last post by:
Consider the following user control which resides in Address.ascx:
<script runat="server">
Public Property Address() As String
Get
Address = txtAddress.Text
End Get
Set(ByVal value As String)
txtAddress.Text = value
End Set
|
by: happyse27 |
last post by:
Hi All,
I modified the user registration script, but not sure how to make it check for each variable in terms of preventing junk registration and invalid characters?
Two codes below :
a) html
b) perl script (print and inserting into database)
Cheers...
Andrew
|
by: happyse27 |
last post by:
Hi All,
In perl script(item b below) where we check if html registration form are filled in properly without blank with the necessary fields, how to prompt users that the field are incomplete or blank and then go back to main page(item a below user registration html page) always, something like goggle or msn login page function...
Thanks and Best Rgds,
Andrew
a) script called from user registration html...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
