Folks:
I have some zip files I'd like to serve to authenticated users on my
site, but would like to prevent unauthorized users from using an
absolute path to get to these zip files. For example
http://blah.com/file.zip should not be accessible directly without
authenticating. However, my current authenticaion goes to an LDAP
server and I'd rather not prompt users for another username and
password.
The only way I can figure this is to create a local user account on
the server, then set it to have NTFS read permissions for file. The
tricky part is using asp to pass windows authentication information in
the background to the server. Once it's authenticated, the download
begins. If a user somehow figures the absolute path to ther file, he
should be prevented from downloading it.
Is this possible?
Help.
Roberto