By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,836 Members | 1,876 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,836 IT Pros & Developers. It's quick & easy.

limiting access to files with asp.net

P: n/a
limiting access to files with asp.net

is there any way i can make a file only accessible to certain users of my
website? my files are to large to copy to a temp directory and they are of
many types, .exe .xsl .xml etc. i want an href to each file but only allow
users who have the right login-info in their session variable to get to the
files in their directory. is there something built into .net for doing this?
do i need to do some kind of isapi filter and then stream them?
Oct 14 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
There are two ways that come to mind.
1) Change the ACL on the file so that it maps to a particular user or group
and have your users log in using Windows Authentication
2) Put in an HTTP Module that will catch the request to the file, look up
the credentials of the user in your sql database and, if the file is not
allowed, change the request or reject the request. See
http://www.15seconds.com/issue/020417.htm

I haven't tried either but the second seems simpler in the long run.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"Daniel" <so*******************@yahoo.com> wrote in message
news:ee**************@TK2MSFTNGP12.phx.gbl...
limiting access to files with asp.net

is there any way i can make a file only accessible to certain users of my
website? my files are to large to copy to a temp directory and they are of
many types, .exe .xsl .xml etc. i want an href to each file but only allow
users who have the right login-info in their session variable to get to
the
files in their directory. is there something built into .net for doing
this?
do i need to do some kind of isapi filter and then stream them?

Oct 15 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.