Hi all,
my asp.net page lets the users uploads documents up to a folder on the
webserver and then shows hyperlinks on a page pointing to these documents so
that the user can click them open and all this is only for users logged in
only. But the problem is that ones the user sees the name and part of the
document they are able to browse to the document using this url without even
logging in to the website,question is how can i restrict the user so that the
only way he can access documents form this folder is if they log into the
website.
Please suggest.!!
Sameer 4 1386
Hi,
you need to map file extension in IIS for ASP.NET to handle (map extension
to aspnet_isapi.dll). After that, forms authentication can take place with
these files. For example with PDFs see this good post by Richard Dudley http://aspadvice.com/blogs/rjdudley/...5/21/2595.aspx
--
Teemu Keiski
ASP.NET MVP, AspInsider
Finland, EU http://blogs.aspadvice.com/joteke
"sameer" <sa****@discussions.microsoft.comwrote in message
news:19**********************************@microsof t.com...
Hi all,
my asp.net page lets the users uploads documents up to a folder on the
webserver and then shows hyperlinks on a page pointing to these documents
so
that the user can click them open and all this is only for users logged in
only. But the problem is that ones the user sees the name and part of the
document they are able to browse to the document using this url without
even
logging in to the website,question is how can i restrict the user so that
the
only way he can access documents form this folder is if they log into the
website.
Please suggest.!!
Sameer
Teemu, thanks for your reply but what if the user is uploading files with
different extensions that are not registered with IIS, they woudl be able to
be viewed by the users unless i regsiter their extension with IIS. Other then
this, isnt there any other way that i can restrict access to these file for
users not logged in the application?
thanks
"Teemu Keiski" wrote:
Hi,
you need to map file extension in IIS for ASP.NET to handle (map extension
to aspnet_isapi.dll). After that, forms authentication can take place with
these files. For example with PDFs see this good post by Richard Dudley
http://aspadvice.com/blogs/rjdudley/...5/21/2595.aspx
--
Teemu Keiski
ASP.NET MVP, AspInsider
Finland, EU http://blogs.aspadvice.com/joteke
"sameer" <sa****@discussions.microsoft.comwrote in message
news:19**********************************@microsof t.com...
Hi all,
my asp.net page lets the users uploads documents up to a folder on the
webserver and then shows hyperlinks on a page pointing to these documents
so
that the user can click them open and all this is only for users logged in
only. But the problem is that ones the user sees the name and part of the
document they are able to browse to the document using this url without
even
logging in to the website,question is how can i restrict the user so that
the
only way he can access documents form this folder is if they log into the
website.
Please suggest.!!
Sameer
Hi,
I'd say you'd probably want to restrict the types of files to be uploaded,
when you can do this. Basically, you could map all extensions to ASP.NET
(just use wildcard *) but it has performance penalty also, since mapping
means that files are served through ASP.NET pipeline.
--
Teemu Keiski
ASP.NET MVP, AspInsider
Finland, EU http://blogs.aspadvice.com/joteke
"sameer" <sa****@discussions.microsoft.comwrote in message
news:A6**********************************@microsof t.com...
Teemu, thanks for your reply but what if the user is uploading files with
different extensions that are not registered with IIS, they woudl be able
to
be viewed by the users unless i regsiter their extension with IIS. Other
then
this, isnt there any other way that i can restrict access to these file
for
users not logged in the application?
thanks
"Teemu Keiski" wrote:
>Hi,
you need to map file extension in IIS for ASP.NET to handle (map extension to aspnet_isapi.dll). After that, forms authentication can take place with these files. For example with PDFs see this good post by Richard Dudley
http://aspadvice.com/blogs/rjdudley/...5/21/2595.aspx
-- Teemu Keiski ASP.NET MVP, AspInsider Finland, EU http://blogs.aspadvice.com/joteke
"sameer" <sa****@discussions.microsoft.comwrote in message news:19**********************************@microso ft.com...
Hi all,
my asp.net page lets the users uploads documents up to a folder on the
webserver and then shows hyperlinks on a page pointing to these
documents
so
that the user can click them open and all this is only for users logged
in
only. But the problem is that ones the user sees the name and part of
the
document they are able to browse to the document using this url without
even
logging in to the website,question is how can i restrict the user so
that
the
only way he can access documents form this folder is if they log into
the
website.
Please suggest.!!
Sameer
if you would like to restrict users to certain parts of the website, I would
suggest enable membership and roles, this way a user will be forced to logon,
see this video tutorial for help on membership and roles: http://download.microsoft.com/downlo...oles_final.wmv
--
The walls between art and engineering exist only in our minds
"Teemu Keiski" wrote:
Hi,
I'd say you'd probably want to restrict the types of files to be uploaded,
when you can do this. Basically, you could map all extensions to ASP.NET
(just use wildcard *) but it has performance penalty also, since mapping
means that files are served through ASP.NET pipeline.
--
Teemu Keiski
ASP.NET MVP, AspInsider
Finland, EU http://blogs.aspadvice.com/joteke
"sameer" <sa****@discussions.microsoft.comwrote in message
news:A6**********************************@microsof t.com...
Teemu, thanks for your reply but what if the user is uploading files with
different extensions that are not registered with IIS, they woudl be able
to
be viewed by the users unless i regsiter their extension with IIS. Other
then
this, isnt there any other way that i can restrict access to these file
for
users not logged in the application?
thanks
"Teemu Keiski" wrote:
Hi,
you need to map file extension in IIS for ASP.NET to handle (map
extension
to aspnet_isapi.dll). After that, forms authentication can take place
with
these files. For example with PDFs see this good post by Richard Dudley
http://aspadvice.com/blogs/rjdudley/...5/21/2595.aspx
--
Teemu Keiski
ASP.NET MVP, AspInsider
Finland, EU http://blogs.aspadvice.com/joteke
"sameer" <sa****@discussions.microsoft.comwrote in message
news:19**********************************@microsof t.com...
Hi all,
my asp.net page lets the users uploads documents up to a folder on the
webserver and then shows hyperlinks on a page pointing to these
documents
so
that the user can click them open and all this is only for users logged
in
only. But the problem is that ones the user sees the name and part of
the
document they are able to browse to the document using this url without
even
logging in to the website,question is how can i restrict the user so
that
the
only way he can access documents form this folder is if they log into
the
website.
Please suggest.!!
Sameer
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Al Knowles |
last post by:
I have researched and tried every method I can find for passing a two-page
tif file from a VB6 application to
a web service via XML. These include XMLTextReader.ReadBase64,
Convert.FromBase64,...
|
by: j |
last post by:
Hi,
I've been trying to do line/character counts on documents that are
being uploaded. As well as the "counting" I also have to remove
certain sections from the file.
So, firstly I was working...
|
by: IkBenHet |
last post by:
Hello,
I use this script to upload image files to a folder on a IIS6 server:
******************* START UPLOAD.ASPX FILE **********************
<%@ Page Language="VB" Debug="true" %>
|
by: IkBenHet |
last post by:
Hello,
I use this script to upload image files to a folder on a IIS6 server:
******************* START UPLOAD.ASPX FILE **********************
<%@ Page Language="VB" Debug="true" %>
|
by: RedHair |
last post by:
I'd like to set up a file system for the ASP.NET 2.0 application
to store user-uploaded files, since the members are more than
100,000 people, the basic requirements are as below:
(1) The file...
| |
by: riteshjain82 |
last post by:
Hi, Please go through this:
I am having a file (default.asp) on which i am taking many details from
a user before mailing it to someone. I have also provided the user with
a facility of...
|
by: sameer |
last post by:
Hi all,
my asp.net page lets the users uploads documents up to a folder on the
webserver and then shows hyperlinks on a page pointing to these documents so
that the user can click them open and...
|
by: Morgan |
last post by:
Hello! I'm trying to find out if it's possible to access the properties of
an document uploaded via the fileupload control? The end goal is to
dynamically insert the number of pages in a document...
|
by: Jeigh |
last post by:
Hello,
I'm going to start making a script that will allow users to upload a file, then re download it later. I'll basically be doing the following:
- The uploaded file will be given a string of...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |