472,989 Members | 3,137 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > folder permissions

Join Bytes to post your question to a community of 472,989 software developers and data experts.

folder permissions

Using Asp.Net/VB.Net on a Win2003 server

I need to determine if a Windows user has access to a folder on a local
drive.
One option is to impersonate, but I've read that impersonating is not
scalable via web application.

The scenario is this...

I'm trying to replicate FTP functionality using HTTPS.
A user would normally login via FTP with their credentials, and FTP would
apply windows security when accessing file system

I'm trying to mimic that authentication process FTP utilizes.
So I'm doing a normal HTTPS file upload while passing Windows credentials in
the HTTPS headers .
The calling application determines the folder where the file should be
placed. Now the server app needs to determine if the user (based on name
and password) has access to the requested folder.

Am I approaching this all wrong ? If so, what is a better way, or what API
calls should I be using to authenticate user against requested folder.

Thanks a bunch !
Bill
Jul 28 '05 #1
2 2698
Bill,
I'm trying to replicate FTP functionality using HTTPS.
A user would normally login via FTP with their credentials, and FTP would
apply windows security when accessing file system.


Hmm, I'm not sure if it possible to achieve what you are trying to do.

You say that you have the user name and password of the client. Without
logging in (impersonating as) that given user, you cannot check if the
password given is actually valid. At least I'm not aware of a way to do
this.

However, there are API functions that you can use to check if you could
access a file given a SID of a user. Could you have such a SID somehow? If
yes, see for example the functions GetFileSecurity and AccessCheck.

If you are instead able to login as the client (impersonate), then Windows
itself will tell you if the user can access the file -- or you will get an
error. This is automatic and requires no additional code from your part.
This is the method I would recommend, despite the scalability issues. But in
my opinion you cannot avoid them.

Hope this helps to give some directions.

--
Regards,

Mr. Jani Järvinen
C# MVP
Helsinki, Finland
ja***@removethis.dystopia.fi
http://www.saunalahti.fi/janij/
Jul 30 '05 #2
Thanks Jani,

I may at least try impersonating to see what peformance looks like.
I assume the FTP protocol did the same thing anyway.

Bill
"Jani Järvinen [MVP]" <ja***@removethis.dystopia.fi> wrote in message
news:eI**************@tk2msftngp13.phx.gbl...
Bill,
I'm trying to replicate FTP functionality using HTTPS.
A user would normally login via FTP with their credentials, and FTP would
apply windows security when accessing file system.


Hmm, I'm not sure if it possible to achieve what you are trying to do.

You say that you have the user name and password of the client. Without
logging in (impersonating as) that given user, you cannot check if the
password given is actually valid. At least I'm not aware of a way to do
this.

However, there are API functions that you can use to check if you could
access a file given a SID of a user. Could you have such a SID somehow? If
yes, see for example the functions GetFileSecurity and AccessCheck.

If you are instead able to login as the client (impersonate), then Windows
itself will tell you if the user can access the file -- or you will get an
error. This is automatic and requires no additional code from your part.
This is the method I would recommend, despite the scalability issues. But
in my opinion you cannot avoid them.

Hope this helps to give some directions.

--
Regards,

Mr. Jani Järvinen
C# MVP
Helsinki, Finland
ja***@removethis.dystopia.fi
http://www.saunalahti.fi/janij/

Aug 4 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
folder permissions problem with chdir()
by: Andrew Crowe | last post by:
Hi guys, We're using the ISAPI version of PHP with IIS5.0 On some websites for some reason any php file in the websites root is given the path winnt/system32 (getcwd() returns...
PHP
7
Folder permissions
by: Kim Lots | last post by:
Hi Sorry to disturb you again but i really like to know what's the NTFS folder permissions on a "virtual directory" folder for a public webserver iis 5.x running ASP 3.0 with an Access DB on a...
ASP / Active Server Pages
3
Create a writable folder in aspnet setup project
by: roger | last post by:
I've created a web setup project for my aspnet app, and added a web folder item "tmp" to the File System editor under the web application folder. (My app uses this folder for generating image...
.NET Framework
0
Setting permissions on a folder using WMI
by: Praveen | last post by:
Hello. I am writing some code that accepts a DFS Link and Username and grants that User permissions to the physical directory that the DFS Link corresponds to. I am using the System.Management...
.NET Framework
7
Securing A Folder On A Server
by: Tom | last post by:
Can anyone give me any advice on how to secure a folder on a network server so that documents in the folder can only be opened through an Access database or by the database admin. I need to store...
Microsoft Access / VBA
2
Removing NTFS Folder Permissions On Win2000 In .NET Without using WMI
by: Ram | last post by:
Hey, I'v managed to find a way of adding NTFS permissions to a certain folder, But the problem is, the folder has a couple of inherited permissions which I want to delete. How can I remove the...
C# / C Sharp
6
Creating a Shared Folder
by: Jeff | last post by:
Hi - I understand how to create a directory folder, but how can I programatically create a _shared_ directory folder and set its permissions?? (I'm using VB.NET.) Thanks for your help. -...
Visual Basic .NET
5
How to tell if you have Read access to a network folder?
by: Mitchell S. Honnert | last post by:
Is there a way, given the full path of a folder on a network, that one can programatically tell if you have Read access to that folder? I have an application where the user is able to select a...
Visual Basic .NET
2
Folder permissions problem trying to run a PHP script
by: skinnybloke | last post by:
Hi - I have a file permissions problem with PHP. I am using a product called Actinic to develop a shopping cart. This creates a subfolder named ACATALOG into which it loads all of its files. The...
PHP
6
how does the app_data folder work
by: Andy Fish | last post by:
Hi, From what I can gather, under Asp.Net 2.0, it is safe to put data and config files underneath the app_data in the web root and they will not be served directly to the browser from a URL. ...
ASP.NET
0
React to native button blinking effect
by: lllomh | last post by:
Define the method first this.state = { buttonBackgroundColor: 'green', isBlinking: false, // A new status is added to identify whether the button is blinking or not } autoStart=()=>{
Software Development
2
isladogs
Access Europe meeting on Wed 4 Oct - The future of Access
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 4 Oct 2023 starting at 18:00 UK time (6PM UTC+1) and finishing at about 19:15 (7.15PM) The start time is equivalent to 19:00 (7PM) in Central...
Microsoft Access / VBA
0
How to find best mobile app development company in usa
by: Aliciasmith | last post by:
In an age dominated by smartphones, having a mobile app for your business is no longer an option; it's a necessity. Whether you're a startup or an established enterprise, finding the right mobile app...
Mobile Development
0
tracyyun
Can faster file sharing be achieved by connecting computers simultaneously via WiFi and LAN cables
by: tracyyun | last post by:
Hello everyone, I have a question and would like some advice on network connectivity. I have one computer connected to my router via WiFi, but I have two other computers that I want to be able to...
Networking - Hardware / Configuration
3
NeoPa
VBA Class Basics
by: NeoPa | last post by:
Introduction For this article I'll be using a very simple database which has Form (clsForm) & Report (clsReport) classes that simply handle making the calling Form invisible until the Form, or all...
Microsoft Access / VBA
1
Report value list
by: Teri B | last post by:
Hi, I have created a sub-form Roles. In my course form the user selects the roles assigned to the course. 0ne-to-many. One course many roles. Then I created a report based on the Course form and...
Microsoft Access / VBA
0
isladogs
Access Europe Meeting - Wed 1 Nov - Using SQL Server skills to extend Access
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 1 Nov 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM) Please note that the UK and Europe revert to winter time on...
Microsoft Access / VBA
0
isladogs
Access Europe Meeting - Wed 6 Dec - Streamline Your Import/Export Spec Workflow with VBA Classes
by: isladogs | last post by:
The next online meeting of the Access Europe User Group will be on Wednesday 6 Dec 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, Mike...
Microsoft Access / VBA
4
Take a Database to the Next Level
by: GKJR | last post by:
Does anyone have a recommendation to build a standalone application to replace an Access database? I have my bookkeeping software I developed in Access that I would like to make available to other...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2023
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!