My current site uses a ASP, database driven, ID based system to allow
people to download files they have the right permissions to, as well as
to send an email to them with necessary support links and passwords and
an email to us with 'who did what and when' info.
a typical link from this system might be http://www.oursite.com/getfile.asp?id=123
My current task is to allows link directly to the file (for a cleaner
looking link, I suppose) but still drive the emails, etc. My thought
was to use a combo of ASP.NET dlls and IIS6, which for the most parts
works. Esentially I just associate the .exe file extension with
aspnet_isapi.dl l and then use web.config and a .net script (index.aspx)
to check permissions etc.
index.aspx does a few things:
1 - checks for existing cookies to see if they are logged into our site
2 - redirects to login page if not
3 - when they are logged in, it checks their user ID against the
database for access to the file
4 - if granted, it sends the emails
5 - it uses FormsAuthentica tion.RedirectFr omLoginPage to give them the
file.
the issue is that the next file they want does NOT do steps 1 thru 4
above, because step 5 sets a cookie, which I have no contorl over, and
that cookies is available for the whole session, so no checks are made,
and no emails are sent.
What I'm looking for it either an alternative to
'FormsAuthentic ation.RedirectF romLoginPage', which doesn't *redirect*
to the file (as this instigates index.aspx and causes an infinite
loop), or a total new way to link directly to a filename and perform
actions before the file is given to the user.
any ideas?? 4 1650
Kevin,
You should be able to use an implementation of IHttpHandler. For more
information, check here on how to use them: http://msdn2.microsoft.com/en-us/5c67a8bd.aspx
The only thing you would have to beyond the code is register the
extension as being handled by ASP.NET, and then change your config file to
use the handler.
Then, you can do what you need in the handler.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"Kevin Blount" <ke**********@g mail.com> wrote in message
news:11******** **************@ c74g2000cwc.goo glegroups.com.. . My current site uses a ASP, database driven, ID based system to allow people to download files they have the right permissions to, as well as to send an email to them with necessary support links and passwords and an email to us with 'who did what and when' info.
a typical link from this system might be
http://www.oursite.com/getfile.asp?id=123
My current task is to allows link directly to the file (for a cleaner looking link, I suppose) but still drive the emails, etc. My thought was to use a combo of ASP.NET dlls and IIS6, which for the most parts works. Esentially I just associate the .exe file extension with aspnet_isapi.dl l and then use web.config and a .net script (index.aspx) to check permissions etc.
index.aspx does a few things: 1 - checks for existing cookies to see if they are logged into our site 2 - redirects to login page if not 3 - when they are logged in, it checks their user ID against the database for access to the file 4 - if granted, it sends the emails 5 - it uses FormsAuthentica tion.RedirectFr omLoginPage to give them the file.
the issue is that the next file they want does NOT do steps 1 thru 4 above, because step 5 sets a cookie, which I have no contorl over, and that cookies is available for the whole session, so no checks are made, and no emails are sent.
What I'm looking for it either an alternative to 'FormsAuthentic ation.RedirectF romLoginPage', which doesn't *redirect* to the file (as this instigates index.aspx and causes an infinite loop), or a total new way to link directly to a filename and perform actions before the file is given to the user.
any ideas??
Hi Nicholas,
Thanks for the suggestion. I took a look at the link, did some reading,
and it does sound like it might work for me. As a test I copied the
code from this page: http://msdn2.microsoft.com/en-us/ms227433.aspx (C# version, natch <g>)
I adapated the instructions to work for .exe extensions, and the result
of that script does appear when I click a link to test.exe within the
application (/catalog/) where I update the web.config.
i.e. it works!!
the next thing for me to do is figure out which parts of that script I
need to edit to check the database, email the link, and finally
actually let someone grab test.exe. Right now it seems to display the
test message *instead* of downloading the file, which obviously defeats
my proposed use of the script.
Any ideas? I would normally battle it solo (and I will be working on it
once I finish typing this), but a deadline approaches, so any help I
can get is invaluable.
Thanks for posting the link.. it could just work, dammit! :)
Kevin
Nicholas Paldino [.NET/C# MVP] wrote: Kevin,
You should be able to use an implementation of IHttpHandler. For more information, check here on how to use them:
http://msdn2.microsoft.com/en-us/5c67a8bd.aspx
The only thing you would have to beyond the code is register the extension as being handled by ASP.NET, and then change your config file to
Kevin,
Well, here is where you will have to do some work.
First, you will have to set the ContentType header so that the browser
knows how to process what you are returning.
Then, when that is set, you will have to open the file and write the
contents. In this case, you should be able to pass the name of the file to
the WriteFile method on the Response exposed by the HttpContext passed in.
You can then do the email processing and whatnot in the same method
which processes the request.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"Kevin Blount" <ke**********@g mail.com> wrote in message
news:11******** *************@f 6g2000cwb.googl egroups.com... Hi Nicholas,
Thanks for the suggestion. I took a look at the link, did some reading, and it does sound like it might work for me. As a test I copied the code from this page: http://msdn2.microsoft.com/en-us/ms227433.aspx (C# version, natch <g>)
I adapated the instructions to work for .exe extensions, and the result of that script does appear when I click a link to test.exe within the application (/catalog/) where I update the web.config.
i.e. it works!!
the next thing for me to do is figure out which parts of that script I need to edit to check the database, email the link, and finally actually let someone grab test.exe. Right now it seems to display the test message *instead* of downloading the file, which obviously defeats my proposed use of the script.
Any ideas? I would normally battle it solo (and I will be working on it once I finish typing this), but a deadline approaches, so any help I can get is invaluable.
Thanks for posting the link.. it could just work, dammit! :)
Kevin
Nicholas Paldino [.NET/C# MVP] wrote:Kevin,
You should be able to use an implementation of IHttpHandler. For more information, check here on how to use them:
http://msdn2.microsoft.com/en-us/5c67a8bd.aspx
The only thing you would have to beyond the code is register the extension as being handled by ASP.NET, and then change your config file to
Nicholas,
Great! I appreciate the guidance. As a lot of people, when I look at a
script I didn't write it takes me a while to figure out which bit does
what, and THEN I have to make it do what I want it to do heh.
Your quite summary puts me on the write road, especially as I actually
understood it! :)
Thanks again
Kevin
Nicholas Paldino [.NET/C# MVP] wrote: Kevin,
Well, here is where you will have to do some work.
First, you will have to set the ContentType header so that the browser knows how to process what you are returning.
Then, when that is set, you will have to open the file and write the contents. In this case, you should be able to pass the name of the file to the WriteFile method on the Response exposed by the HttpContext passed in.
You can then do the email processing and whatnot in the same method which processes the request.
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
"Kevin Blount" <ke**********@g mail.com> wrote in message news:11******** *************@f 6g2000cwb.googl egroups.com... Hi Nicholas,
Thanks for the suggestion. I took a look at the link, did some reading, and it does sound like it might work for me. As a test I copied the code from this page: http://msdn2.microsoft.com/en-us/ms227433.aspx (C# version, natch <g>)
I adapated the instructions to work for .exe extensions, and the result of that script does appear when I click a link to test.exe within the application (/catalog/) where I update the web.config.
i.e. it works!!
the next thing for me to do is figure out which parts of that script I need to edit to check the database, email the link, and finally actually let someone grab test.exe. Right now it seems to display the test message *instead* of downloading the file, which obviously defeats my proposed use of the script.
Any ideas? I would normally battle it solo (and I will be working on it once I finish typing this), but a deadline approaches, so any help I can get is invaluable.
Thanks for posting the link.. it could just work, dammit! :)
Kevin
Nicholas Paldino [.NET/C# MVP] wrote:Kevin,
You should be able to use an implementation of IHttpHandler. For more information, check here on how to use them:
http://msdn2.microsoft.com/en-us/5c67a8bd.aspx
The only thing you would have to beyond the code is register the extension as being handled by ASP.NET, and then change your config file to This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Gary |
last post by:
Hi, guys!
Some of my applications are sharing same SQL login/password to connect
to a database called "MyDB" on server "MyServer" . The password is
encrypted and stored in registry or some configuration file the
applications use. The applications use certain arithmetic to decrypt
the password and then connect to MyDB.
The problem is a few developers know the arithmetic. So virtually
there is no security here.
|
by: Erik Brown |
last post by:
sql = "CALL " + myschema + ".MYSPROC(?,?,?,?,?,?,?,?,?)";
rs = con.prepareCall(sql);
rs.setString(1, user);
rs.setString(2, action);
rs.setString(3, versions);
rs.setString(4, spec);
rs.setString(5, where);
rs.setString(6, server);
rs.setString(7, flag);
|
by: Hannu |
last post by:
Hi.
In the ldb file you can see the users of the mdb-file. If you open the
mdb-file your machine and username will be written in the lbd- file.
Allthough you close the mdb-file your name won't disappear from the
ldb-file, before every user has closed the mdb-file.
I have heard that there will be problems if the amount of users will
be over 10 in mdb-files. Is that true?
Hannu
|
by: AnandaSim |
last post by:
I just had a google through this NG but have not seen mention of Erik
Rucker's blog entry and the new Jet:
http://blogs.msdn.com/access/archive/2005/10/05/477549.aspx
mentioned by Mike Gunderloy
http://www.larkware.com/dg4/TheDailyGrind726.html
Aside from the Sharepoint feature extension, amazing news.
|
by: VM |
last post by:
How can I limit the use of the PC's virtual memory? I'm running a process
that basically takes a txt file and loads it to a datatable. The problem is
that the file is over 400,000 lines long (77 MB) and after a while I get the
Windows message saying that the virtual memory's getting really low. Plus
the machine gets really sluggish (with multi-threading). Is it possible to
use the virtual memory until it reaches a certain limit and then use...
| |
by: Joey |
last post by:
I have a web app that uses forms authentication. The app also has a
downloads section, and I need to be able to use <location> tags to
control access to the downloadable files there (preferably by directory
instead of individual file.)
I understand that this behavior does not occur by default because IIS
does only maps certain file types (i.e. "*.aspx") to asp.net by
default. In other words, any user can download files that are within...
|
by: Grip |
last post by:
Hi,
I have gone throught the group and Microsoft's online help and have
seen many suggestions but I am still seeking clarity:
1. I have an excel spreadsheet. Column A contains text that may be
greater than 255 characters.
2. I have an access database. I link (not import) to the contents of
the excel spreadsheet. In the design view in access, Column A has the
data type "memo".
|
by: Bob |
last post by:
Hi all,
My databases seem to become corrupted as soon as they reach 2GB. Once
it does become corrupted the only fix is to create a new database and
transfer everything into that. I need to avoid that happening and I'm
not sure exactly how to do that. Is there a way that I can check the
size of the database (don't know how) and then remove obselete tables
(know how to) if its over a threshold and then compact and repair the
db (know...
|
by: Nosferatum |
last post by:
Hi, on my Apache server I want to limit access to a certain file ouput
(from php/MySQL) to just one IP. The idea is that users from another
site should click a link whic redirects them to my special page on my
server. Only those who access my page from one particulary URL are
allowed to see my file. All others are denied.
Is it possible to solve this with a .htaccess file, or do I need a php
solution?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |