Use asp.net to protect file types

  1. #1

    Use asp.net to protect file types

    http://support.microsoft.com/?id=815152 (Edit the script mappings in
    Internet Services Manager to protect pdf's with aspnet)


    I have a site that has multiple pdf's for download and multiple users
    who will download the .pdf's. I secured the site using the above
    article. I created an "admin" app that assigns users to .pdf's and I
    create links to the .pdf's based on that app.

    My problem is that once the user logs into the app, he has access to
    all the .pdf's if he simply types the URL in the address bar. I'm not
    sure the authentication "role" model with groups will work because I
    would need a group for each PDF and I would need to create the groups
    programmatically every time an "admin" adds a PDF to the "download"
    share.

    Thanks
    --Dietrich
    lawrence Guest

  3. #2

    RE: Use asp.net to protect file types

    Dietrich,

    If you are following the article explicitly, any request for a PDF file
    will be processed through the HttpForbiddenHandler and any attempt to hit
    them will generate an error telling you that files of that type cannot be
    served. From what you are saying, it seems as though this is not what you
    want to do. Instead, you want to disallow hitting these files unless a
    user has met some requirement such as role membership. Is that correct?

    If that's the case, you should probably consider storing the PDFs outside
    of your content area and then using Response.BinaryWrite to stream the file
    assuming the user has permission to get it.

    Jim Cheshire [MSFT]
    Developer Support
    ASP.NET
    jamesche@online.microsoft.com

    This post is provided as-is with no warranties and confers no rights.

    --------------------
    >From: dwlawren@staff.uiuc.edu (lawrence)
    >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
    >Subject: Use asp.net to protect file types
    >Date: 14 Oct 2003 15:09:19 -0700
    >
    >http://support.microsoft.com/?id=815152 (Edit the script mappings in
    >Internet Services Manager to protect pdf's with aspnet)
    >
    >
    >I have a site that has multiple pdf's for download and multiple users
    >who will download the .pdf's. I secured the site using the above
    >article. I created an "admin" app that assigns users to .pdf's and I
    >create links to the .pdf's based on that app.
    >
    >My problem is that once the user logs into the app, he has access to
    >all the .pdf's if he simply types the URL in the address bar. I'm not
    >sure the authentication "role" model with groups will work because I
    >would need a group for each PDF and I would need to create the groups
    >programmatically every time an "admin" adds a PDF to the "download"
    >share.
    >
    >Thanks
    >--Dietrich
    >
    Jim Cheshire [MSFT] Guest
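
The approach suggested in the reply above (PDFs stored outside the content area, streamed with Response.BinaryWrite after a permission check), sketched as an added example that is not code from the thread or from Microsoft. It checks a per-user assignment row instead of a role per PDF. Assumed names: the `PdfDownloadHandler` class, a `PdfStoreRoot` app setting, a `Downloads` connection string, and a `UserDocuments(UserName, DocumentId, FileName)` table filled by the "admin" app.

```csharp
using System;
using System.Configuration;
using System.Data.SqlClient;
using System.IO;
using System.Web;

// Added example: register as an .ashx handler; links become download.ashx?id=42 (hypothetical URL).
public class PdfDownloadHandler : IHttpHandler
{
    // Assumed setting: a folder outside the web content area, so IIS never serves it directly.
    private static readonly string StoreRoot = ConfigurationManager.AppSettings["PdfStoreRoot"];

    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        int docId;
        if (!context.User.Identity.IsAuthenticated ||
            !int.TryParse(context.Request.QueryString["id"], out docId))
        {
            context.Response.StatusCode = 403;
            return;
        }
        // The file name comes from the assignment table, never from the request,
        // and GetFileName drops any directory part before it is joined to the store root.
        string fileName = LookupAssignedFile(context.User.Identity.Name, docId);
        string path = fileName == null ? null : Path.Combine(StoreRoot, Path.GetFileName(fileName));
        if (path == null || !File.Exists(path))
        {
            context.Response.StatusCode = 404; // same answer for "not assigned" and "no such file"
            return;
        }
        context.Response.ContentType = "application/pdf";
        context.Response.AddHeader("Content-Disposition", "attachment; filename=document-" + docId + ".pdf");
        context.Response.BinaryWrite(File.ReadAllBytes(path));
    }

    // Returns the stored file name only if this user is assigned to this document, else null.
    private static string LookupAssignedFile(string userName, int docId)
    {
        string cs = ConfigurationManager.ConnectionStrings["Downloads"].ConnectionString;
        using (SqlConnection conn = new SqlConnection(cs))
        using (SqlCommand cmd = new SqlCommand(
            "SELECT FileName FROM UserDocuments WHERE UserName = @u AND DocumentId = @d", conn))
        {
            cmd.Parameters.AddWithValue("@u", userName);
            cmd.Parameters.AddWithValue("@d", docId);
            conn.Open();
            return cmd.ExecuteScalar() as string; // null when no assignment row exists
        }
    }
}
```

Because the check runs on every request, typing another document's id into the address bar returns 404 unless an assignment row exists for the logged-in user.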

  4. #3

    Re: Use asp.net to protect file types

    Hello

    Please see my answer in this post
    http://www.asp.net/Forums/ShowPost.aspx?tabindex=1&PostID=362002

    It contains a solution for your problem

    Best regards

    Dinis Cruz
    .Net Security Consultant
    DDPlus (www.ddplus.net)

    dwlawren@staff.uiuc.edu (lawrence) wrote in message news:<aca0cbec.0310141409.1539524b@posting.google.com>...
    > http://support.microsoft.com/?id=815152 (Edit the script mappings in
    > Internet Services Manager to protect pdf's with aspnet)
    >
    >
    > I have a site that has multiple pdf's for download and multiple users
    > who will download the .pdf's. I secured the site using the above
    > article. I created an "admin" app that assigns users to .pdf's and I
    > create links to the .pdf's based on that app.
    >
    > My problem is that once the user logs into the app, he has access to
    > all the .pdf's if he simply types the URL in the address bar. I'm not
    > sure the authentication "role" model with groups will work because I
    > would need a group for each PDF and I would need to create the groups
    > programmatically every time an "admin" adds a PDF to the "download"
    > share.
    >
    > Thanks
    > --Dietrich
    Dinis Cruz Guest
