authenticating access to files from ASP.NET

J

John Challis

I want to restrict access to files (on local and remote servers) without
requiring users to log in to my ASP.NET application. The users are on an
intranet, anonymous access is disabled and Integrated Windows Authentication
is enabled.

Now, how can we determine if the current authenticated user has access to
specific local and remote files on other Windows servers within the domain?

Please note, we do not wish to restrict access to web pages - but to any file.

Thanks in advance.
 
J

Joe Kaplan \(MVP - ADSI\)

The right way to do this is to impersonate the user and try to access the
file. It will throw an exception if you can't access it.

For the remote files on a file share, you'll also need Kerberos delegation
to make that work as that involves an extra machine hop and that is only
supported with delegation.

If you want a friendly way to check in advance if the user will have access
to the file before attempting to open it (or list it), then you probably
need to look at doing p/invoke and using the security APIs like AccessCheck.

Joe K.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

authenticating username/password against Active Directory 1
not properly authenticating? 0
I need help in understanding these files on my phone, Could someone help me understand these files? Urgent help needed. Please help. 1
Windows authentication from ASP.NET to SQL Server 2
ACCESS AN ACCESS DATABASE FROM ASP.NET INTRANET SCENARIO 2
Problem authenticating to sql server from asp.net 1
: Remote access and ASP.Net security 0
Restricting access to sub folders and files. 1

Members online

Total: 52 (members: 3, guests: 49)
Robots: 471

Forum statistics

Threads
473,769
Messages
2,569,580
Members
45,054
Latest member
TrimKetoBoost

Latest Threads

Top