File authentication
-
I can set up a website with some folders requiring that users log in before being able to access the aspx pages therein using forms.authentication, and configuring web.config appropriately - all fine and dandy. So if, say, a protected folder is "members" and someone tries to access members/index.aspx they are redirected to a login page first. Great - but if there is a pdf in that folder, say members.pdf then ANYONE can still browse directly to members/members.pdf WITHOUT being logged in. How do I set about protecting .pdf, .doc, jpg etc files from unauthorised access in this way? Just a pointer will do.... thanks
-
I can set up a website with some folders requiring that users log in before being able to access the aspx pages therein using forms.authentication, and configuring web.config appropriately - all fine and dandy. So if, say, a protected folder is "members" and someone tries to access members/index.aspx they are redirected to a login page first. Great - but if there is a pdf in that folder, say members.pdf then ANYONE can still browse directly to members/members.pdf WITHOUT being logged in. How do I set about protecting .pdf, .doc, jpg etc files from unauthorised access in this way? Just a pointer will do.... thanks
Fred_Smith wrote:
How do I set about protecting .pdf, .doc, jpg etc files from unauthorised access in this way?
You can write the handler and allow .pdf/.doc/.jpg etc access only through application and stop them when trying to access through browser directly. Get it http://www.uberasp.net/getarticle.aspx?id=13[^]
------------------------------------------------------------ "The only true wisdom is in knowing you know nothing." --Socrates
-
Fred_Smith wrote:
How do I set about protecting .pdf, .doc, jpg etc files from unauthorised access in this way?
You can write the handler and allow .pdf/.doc/.jpg etc access only through application and stop them when trying to access through browser directly. Get it http://www.uberasp.net/getarticle.aspx?id=13[^]
------------------------------------------------------------ "The only true wisdom is in knowing you know nothing." --Socrates
good link - thanks
-
good link - thanks
You are welcome :)
------------------------------------------------------------ "The only true wisdom is in knowing you know nothing." --Socrates
-
You are welcome :)
------------------------------------------------------------ "The only true wisdom is in knowing you know nothing." --Socrates
hmm... tried that, word for word, and an even simpler "hello world" type example I found elsewhere (though it was the almost identical code) - and while it compiles fine, when I try to browse to an aspx file in the app I get the error: "Could not load type [class name] from assembly [assembly name]" (If I browse to a jpg - one of the filetypes I'm trying to protect - it is shown as normal.) I have tried googling this error, but have found nothing useful - just a reference to it possibly being to do with the GAC, but no help... ... I don't suppose you've got any ideas...? cheers Fred