folder permissions

Using Asp.Net/VB.Net on a Win2003 server

I need to determine if a Windows user has access to a folder on a local
drive.
One option is to impersonate, but I've read that impersonating is not
scalable via web application.

The scenario is this...

I'm trying to replicate FTP functionality using HTTPS.
A user would normally log in via FTP with their credentials, and FTP would
apply Windows security when accessing the file system.

I'm trying to mimic that authentication process FTP utilizes.
So I'm doing a normal HTTPS file upload while passing Windows credentials in
the HTTPS headers.
The calling application determines the folder where the file should be
placed. Now the server app needs to determine if the user (based on name
and password) has access to the requested folder.

Am I approaching this all wrong? If so, what is a better way, or what API
calls should I be using to authenticate the user against the requested folder?

Thanks a bunch!
Bill
Jul 28 '05 #1
Bill,

> I'm trying to replicate FTP functionality using HTTPS.
> A user would normally login via FTP with their credentials, and FTP would
> apply windows security when accessing file system.

Hmm, I'm not sure if it is possible to achieve what you are trying to do.

You say that you have the user name and password of the client. Without
logging in (impersonating as) that given user, you cannot check if the
password given is actually valid. At least I'm not aware of a way to do
this.

However, there are API functions that you can use to check if you could
access a file given a SID of a user. Could you have such a SID somehow? If
yes, see for example the functions GetFileSecurity and AccessCheck.

If you are instead able to login as the client (impersonate), then Windows
itself will tell you if the user can access the file -- or you will get an
error. This is automatic and requires no additional code on your part.
This is the method I would recommend, despite the scalability issues. But in
my opinion you cannot avoid them.

Hope this helps to give some directions.

--
Regards,

Mr. Jani Järvinen
C# MVP
Helsinki, Finland
ja***@removethis.dystopia.fi
http://www.saunalahti.fi/janij/
Jul 30 '05 #2
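
The impersonation approach recommended in the reply above, as an added VB.NET sketch that is not part of the original thread: it validates the supplied credentials with `LogonUser`, impersonates the resulting token, and lets Windows apply the folder's ACL to a real directory listing. The module and function names (`FolderAccessProbe`, `CanListFolder`) are hypothetical, and the code assumes the .NET Framework on Windows.

```vbnet
Imports System
Imports System.IO
Imports System.Runtime.InteropServices
Imports System.Security.Principal

' Added example, not code from the thread. Names are hypothetical.
Public Module FolderAccessProbe

    Private Const LOGON32_LOGON_NETWORK As Integer = 3
    Private Const LOGON32_PROVIDER_DEFAULT As Integer = 0

    <DllImport("advapi32.dll", SetLastError:=True, CharSet:=CharSet.Unicode)> _
    Private Function LogonUser(ByVal user As String, ByVal domain As String, _
        ByVal password As String, ByVal logonType As Integer, _
        ByVal provider As Integer, ByRef token As IntPtr) As Boolean
    End Function

    <DllImport("kernel32.dll", SetLastError:=True)> _
    Private Function CloseHandle(ByVal handle As IntPtr) As Boolean
    End Function

    ' True only if the credentials are valid AND the user may list the folder.
    Public Function CanListFolder(ByVal user As String, ByVal domain As String, _
        ByVal password As String, ByVal folder As String) As Boolean
        Dim token As IntPtr = IntPtr.Zero
        If Not LogonUser(user, domain, password, LOGON32_LOGON_NETWORK, _
                         LOGON32_PROVIDER_DEFAULT, token) Then
            Return False ' wrong password, or the account may not log on here
        End If
        Dim ctx As WindowsImpersonationContext = Nothing
        Try
            ctx = WindowsIdentity.Impersonate(token)
            Directory.GetFiles(folder) ' Windows evaluates the ACL for this call
            Return True
        Catch ex As UnauthorizedAccessException
            Return False
        Finally
            ' Always revert to the worker-process identity and free the token.
            If Not ctx Is Nothing Then ctx.Undo()
            CloseHandle(token)
        End Try
    End Function
End Module
```

This only proves list access. For the upload itself, perform the actual file write inside the impersonated block and handle `UnauthorizedAccessException` there, so the permission that is checked is the one that is used.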
Thanks Jani,

I may at least try impersonating to see what performance looks like.
I assume the FTP protocol did the same thing anyway.

Bill

Aug 4 '05 #3
