Authorization

Discussion in 'ASP .Net' started by Andrew Robinson, Oct 24, 2005.

  1. I have a single web page and associated PDF that I need to protect within a
    larger web site. What is the easiest way to do that. Go gain access, users
    will go to a page and enter a password. This is for a promotion that we are
    doing and I don't need to assign or track usernames. Everyone uses the same
    password that is supplied via a usps mailing.

    I can place the page and PDF in a sub directory if that helps.

    -Andrew
    Andrew Robinson, Oct 24, 2005
    #1
    1. Advertising

  2. Hi Andrew,

    Welcome to ASPNET newsgroup.
    From your description, you have a certain pdf file which need to be exposed
    to client users through asp.net web page. And you also need to protect the
    pdf file from being accessed by unauthenticated users, yes?

    If so, I think we can just put the user login UI on the web page so let the
    user input username password and in the submit button's postback event, do
    the user validation. If the user is a valid user, we just retrieve the PDF
    file's binary stream and write it out to the page's response stream.

    We can store the PDF file on physical dir as a pdf file or in database.
    Anyway, it's better not to put the file in web application's virtual dir so
    as to prevent it be browsed by unexpected users. Here is a kb article
    mentioned streaming out binary file (on disk) to asp.net page's resposne.

    #How To Write Binary Files to the Browser Using ASP.NET and Visual C# .NET
    http://support.microsoft.com/?id=306654

    Hope helps. Thanks,

    Steven Cheng
    Microsoft Online Support

    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)




    --------------------
    | From: "Andrew Robinson" <>
    | Subject: Authorization
    | Date: Mon, 24 Oct 2005 14:06:32 -0700
    | Lines: 11
    | X-Priority: 3
    | X-MSMail-Priority: Normal
    | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
    | X-RFC2646: Format=Flowed; Original
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
    | Message-ID: <>
    | Newsgroups: microsoft.public.dotnet.framework.aspnet
    | NNTP-Posting-Host: 216.57.203.121
    | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
    | Xref: TK2MSFTNGXA01.phx.gbl
    microsoft.public.dotnet.framework.aspnet:133569
    | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
    |
    | I have a single web page and associated PDF that I need to protect within
    a
    | larger web site. What is the easiest way to do that. Go gain access,
    users
    | will go to a page and enter a password. This is for a promotion that we
    are
    | doing and I don't need to assign or track usernames. Everyone uses the
    same
    | password that is supplied via a usps mailing.
    |
    | I can place the page and PDF in a sub directory if that helps.
    |
    | -Andrew
    |
    |
    |
    Steven Cheng[MSFT], Oct 25, 2005
    #2
    1. Advertising

  3. Hi Andrew,

    How are you doing on this issue, does the suggestions in my last reply
    helps a little? If there're anything else we can help, please feel free to
    post here. Thanks,

    Steven Cheng
    Microsoft Online Support

    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)

    --------------------
    | X-Tomcat-ID: 55613072
    | References: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain
    | Content-Transfer-Encoding: 7bit
    | From: (Steven Cheng[MSFT])
    | Organization: Microsoft
    | Date: Tue, 25 Oct 2005 03:02:43 GMT
    | Subject: RE: Authorization
    | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
    | Message-ID: <>
    | Newsgroups: microsoft.public.dotnet.framework.aspnet
    | Lines: 60
    | Path: TK2MSFTNGXA01.phx.gbl
    | Xref: TK2MSFTNGXA01.phx.gbl
    microsoft.public.dotnet.framework.aspnet:133627
    | NNTP-Posting-Host: TOMCATIMPORT1 10.201.218.122
    |
    | Hi Andrew,
    |
    | Welcome to ASPNET newsgroup.
    | From your description, you have a certain pdf file which need to be
    exposed
    | to client users through asp.net web page. And you also need to protect
    the
    | pdf file from being accessed by unauthenticated users, yes?
    |
    | If so, I think we can just put the user login UI on the web page so let
    the
    | user input username password and in the submit button's postback event,
    do
    | the user validation. If the user is a valid user, we just retrieve the
    PDF
    | file's binary stream and write it out to the page's response stream.
    |
    | We can store the PDF file on physical dir as a pdf file or in database.
    | Anyway, it's better not to put the file in web application's virtual dir
    so
    | as to prevent it be browsed by unexpected users. Here is a kb article
    | mentioned streaming out binary file (on disk) to asp.net page's resposne.
    |
    | #How To Write Binary Files to the Browser Using ASP.NET and Visual C# .NET
    | http://support.microsoft.com/?id=306654
    |
    | Hope helps. Thanks,
    |
    | Steven Cheng
    | Microsoft Online Support
    |
    | Get Secure! www.microsoft.com/security
    | (This posting is provided "AS IS", with no warranties, and confers no
    | rights.)
    |
    |
    |
    |
    | --------------------
    | | From: "Andrew Robinson" <>
    | | Subject: Authorization
    | | Date: Mon, 24 Oct 2005 14:06:32 -0700
    | | Lines: 11
    | | X-Priority: 3
    | | X-MSMail-Priority: Normal
    | | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
    | | X-RFC2646: Format=Flowed; Original
    | | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
    | | Message-ID: <>
    | | Newsgroups: microsoft.public.dotnet.framework.aspnet
    | | NNTP-Posting-Host: 216.57.203.121
    | | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
    | | Xref: TK2MSFTNGXA01.phx.gbl
    | microsoft.public.dotnet.framework.aspnet:133569
    | | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
    | |
    | | I have a single web page and associated PDF that I need to protect
    within
    | a
    | | larger web site. What is the easiest way to do that. Go gain access,
    | users
    | | will go to a page and enter a password. This is for a promotion that we
    | are
    | | doing and I don't need to assign or track usernames. Everyone uses the
    | same
    | | password that is supplied via a usps mailing.
    | |
    | | I can place the page and PDF in a sub directory if that helps.
    | |
    | | -Andrew
    | |
    | |
    | |
    |
    |
    Steven Cheng[MSFT], Oct 27, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Edward Jones
    Replies:
    0
    Views:
    507
    Edward Jones
    Aug 7, 2003
  2. Brent Burkart

    url-based authorization

    Brent Burkart, Oct 16, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    335
    Brent Burkart
    Oct 16, 2003
  3. Guest
    Replies:
    0
    Views:
    401
    Guest
    Nov 3, 2003
  4. poi
    Replies:
    1
    Views:
    653
    Sanjay Tibrewal
    Nov 14, 2003
  5. SeanRW
    Replies:
    1
    Views:
    358
    Dominick Baier [DevelopMentor]
    May 25, 2006
Loading...

Share This Page