473,320 Members | 1,922 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Is it possible to do Authentication with ASP.NET / C# over IIS ?

Hi,

I try to solve a problem: Some folder on an IIS Webserver should be
protected with username and password. So I switched off anonymous
access and do Authentication. So far so good. But I want to have a SQL
database with the users which are allowed to login and just ONE System
account who is allowed to login to the protected folder. So what I
want to do is:
Make a login page and check Username and password against the entries
in the sql.
Not the problem but is it possible to do an authentication with the
script with the windows account after successful checking against the
sql user so that the script can send a http header with the file
location?

Step by step:
1. Login page
2. Check login against sql data
3. Store success and show filenames, click on a filename
3. Success -> Authenticate via script with windows user who has access
to the folder which is protected and contains the files.
4. Send header information with the filepath to download

For some suggestions I would be thankful
Regards
Martin Strojek
ma****@strojek.de
Nov 18 '05 #1
2 1526
I usually do a binary send to send files to users with permissions. This
way you can store the files in a protected folder that none of the users can
access directly, but your webapp can stream them to users with correct
permissions.

-John Oakes

"Martin Strojek" <ma****@strojek.de> wrote in message
news:60**************************@posting.google.c om...
Hi,

I try to solve a problem: Some folder on an IIS Webserver should be
protected with username and password. So I switched off anonymous
access and do Authentication. So far so good. But I want to have a SQL
database with the users which are allowed to login and just ONE System
account who is allowed to login to the protected folder. So what I
want to do is:
Make a login page and check Username and password against the entries
in the sql.
Not the problem but is it possible to do an authentication with the
script with the windows account after successful checking against the
sql user so that the script can send a http header with the file
location?

Step by step:
1. Login page
2. Check login against sql data
3. Store success and show filenames, click on a filename
3. Success -> Authenticate via script with windows user who has access
to the folder which is protected and contains the files.
4. Send header information with the filepath to download

For some suggestions I would be thankful
Regards
Martin Strojek
ma****@strojek.de

Nov 18 '05 #2
Thanks for this suggestion, that was
what I tried so far:

Put the files in a folder upper the docroot of the website itself so that
they can't be accessed over HTTP and
read data with System.IO to send them with octed stream over
a download page.

Thought there was another way like the idea I had before in this thread.

But I can live with this one :)

Thanks & regards

Martin Strojek
ma****@strojek.de

"John Oakes" <jo**@networkproductions.net> wrote in message news:<eh**************@tk2msftngp13.phx.gbl>...
I usually do a binary send to send files to users with permissions. This
way you can store the files in a protected folder that none of the users can
access directly, but your webapp can stream them to users with correct
permissions.

-John Oakes

"Martin Strojek" <ma****@strojek.de> wrote in message
news:60**************************@posting.google.c om...
Hi,

I try to solve a problem: Some folder on an IIS Webserver should be
protected with username and password. So I switched off anonymous
access and do Authentication. So far so good. But I want to have a SQL
database with the users which are allowed to login and just ONE System
account who is allowed to login to the protected folder. So what I
want to do is:
Make a login page and check Username and password against the entries
in the sql.
Not the problem but is it possible to do an authentication with the
script with the windows account after successful checking against the
sql user so that the script can send a http header with the file
location?

Step by step:
1. Login page
2. Check login against sql data
3. Store success and show filenames, click on a filename
3. Success -> Authenticate via script with windows user who has access
to the folder which is protected and contains the files.
4. Send header information with the filepath to download

For some suggestions I would be thankful
Regards
Martin Strojek
ma****@strojek.de

Nov 18 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
by: Pradeep | last post by:
DB2ers, I am a newbie to DB2 but have enough experience with other database servers. Many database servers such as SQLServer offer a dual-mode authentication mechanism, that is, either you can...
4
by: Ravikanth[MVP] | last post by:
Hi It is possible that IIS and SQL Server can reside on Seperate Machines and you can use Integrated Windows Authentication to connect. Ravikanth >-----Original Message-----
9
by: Tom B | last post by:
In my web.config file I've specified Windows for the authentication, in IIS I've set it to Integrated Authentication. But my SQL connection is still showing Anonymous. Is there somewhere else I...
15
by: joun | last post by:
Hi all, i want to create in my asp.net application a custom server variable, so i can retrieve later in other pages (even asp or perl) with request.servervariables("HTTP_mycustomvariable") ...
0
by: Sherwood | last post by:
My current scenario is users logging in to our website and being directed to a specific directory based on who they are. The ACLs on the destination result in prompts for credentials (the windows...
1
by: Andy | last post by:
Hi, I was wondering if someone could advise on if the following is possible. I have one website that is available to the public using Forms authentication and the Membership class, it...
1
by: Chris | last post by:
Hi, we run a webapplication where users must log in. So the web.config contains: <authentication mode="Forms"/and IIS is set to Anonymous authentification. Now we want the same application to...
7
by: John Drako | last post by:
Currently, I run postfix on my own server to send message from my site (password requests, account activation notices and other messages). I have phpMailer on the server and all the messages...
1
by: Jean-Paul Calderone | last post by:
On Mon, 5 May 2008 11:11:19 -0700 (PDT), TkNeo <tarun.kap@gmail.comwrote: FWIW, though not as complete as an OpenSSL wrapper as M2Crypto, pyOpenSSL works with Python 2.3. As far as the details...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.