limiting access to files with asp.net

  • Thread starter Thread starter Daniel
  • Start date Start date
D

Daniel

limiting access to files with asp.net

is there any way i can make a file only accessible to certain users of my
website? my files are to large to copy to a temp directory and they are of
many types, .exe .xsl .xml etc. i want an href to each file but only allow
users who have the right login-info in their session variable to get to the
files in their directory. is there something built into .net for doing this?
do i need to do some kind of isapi filter and then stream them?
 
There are two ways that come to mind.
1) Change the ACL on the file so that it maps to a particular user or group
and have your users log in using Windows Authentication
2) Put in an HTTP Module that will catch the request to the file, look up
the credentials of the user in your sql database and, if the file is not
allowed, change the request or reject the request. See
http://www.15seconds.com/issue/020417.htm

I haven't tried either but the second seems simpler in the long run.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
 
Back
Top