Impersonate..

[tascien]

I know ASP.NET Forms Auth. do not protect files that are not ASP.NET
other files and I want to protect *.* in a folder. so, IIS IIS mapping
is not an option, because i would have to create a map for each
possible file in the world...

Is it possible to set NTFS security on a folder, and then use
Impersonate feature of dotnet when user successfully logs in?

would that work?

 

[Patrice]

Not tried but looks like a possible solution.

Not sure what path you choosed for authentication.and permissions but my
personal preference is to store files outside of the web site and to stream
them using to the browser. Also having the permissions readily available
allows to create the list of available documents for the currently connected
user...

 

[tascien]

That sounds like an attractive option, but what would be the
implication for the following:

1. Server memory. Because it has to read the entire file first into the
memory before sending to user...
2. Some extensions such as .ram requires to pass through other server
filters.

what i really hoped is that i could change the user's current logon
upon successful forms auth.

Anybody can shed light on this???

 

[Nick Malik [Microsoft]]

Yes, if you have access to the user's full credentials, you can cause your
ASP.Net app to impersonate them, thus giving access to files based on user
or role.

See WindowsIdentity.Impersonate
http://msdn.microsoft.com/library/d...cipalwindowsidentityclassimpersonatetopic.asp


--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.