How do I use ASP to download a file that has particular ntfs permissions

Discussion in 'ASP General' started by travelling_nerd, Jul 12, 2004.

  1. Hi,

    I'm trying to write a script that will allow validated users to
    download a file that has specific ntfs permissions. Here's a summary:

    Scenario:
    1) The name of the file is "binary.zip".
    2) I've created a local account on the server called "dl_user".
    3) dl_user is the only account that has permissions on binary.zip.
    4) I've written a script that validates several people to access a web
    page that has a link to binary.zip. However whenever they click it,
    they get prompted for a username and pw. If they enter the "dl_user"
    credentials, it works.

    Problem:
    I don't want these people to be prompted for the username and pw.
    Instead, I'd like IIS, through some ASP mechanism, to pass the dl_user
    credentials in the background so that the users are completely unaware
    of the account that has NTFS permissions to the file. Is there any way
    to do this?
    travelling_nerd, Jul 12, 2004
    #1
    1. Advertising

  2. travelling_nerd

    Patrice Guest

    You could also store the file somewhere else and stream it s content to the
    browser using an ASP page...

    --

    "travelling_nerd" <> a écrit dans le message de
    news:...
    > Hi,
    >
    > I'm trying to write a script that will allow validated users to
    > download a file that has specific ntfs permissions. Here's a summary:
    >
    > Scenario:
    > 1) The name of the file is "binary.zip".
    > 2) I've created a local account on the server called "dl_user".
    > 3) dl_user is the only account that has permissions on binary.zip.
    > 4) I've written a script that validates several people to access a web
    > page that has a link to binary.zip. However whenever they click it,
    > they get prompted for a username and pw. If they enter the "dl_user"
    > credentials, it works.
    >
    > Problem:
    > I don't want these people to be prompted for the username and pw.
    > Instead, I'd like IIS, through some ASP mechanism, to pass the dl_user
    > credentials in the background so that the users are completely unaware
    > of the account that has NTFS permissions to the file. Is there any way
    > to do this?
    Patrice, Jul 12, 2004
    #2
    1. Advertising

  3. "Patrice" <> wrote in message news:<>...
    > You could also store the file somewhere else and stream it s content to the
    > browser using an ASP page...
    >


    Thanks for the suggestion. Currently I have a redirect to the file,
    however, if someone knows the absolute http path to the file, they can
    get to it.

    Do you have any examples of "streaming files to browser"?

    Thanks.


    > --
    >
    > "travelling_nerd" <> a écrit dans le message de
    > news:...
    > > Hi,
    > >
    > > I'm trying to write a script that will allow validated users to
    > > download a file that has specific ntfs permissions. Here's a summary:
    > >
    > > Scenario:
    > > 1) The name of the file is "binary.zip".
    > > 2) I've created a local account on the server called "dl_user".
    > > 3) dl_user is the only account that has permissions on binary.zip.
    > > 4) I've written a script that validates several people to access a web
    > > page that has a link to binary.zip. However whenever they click it,
    > > they get prompted for a username and pw. If they enter the "dl_user"
    > > credentials, it works.
    > >
    > > Problem:
    > > I don't want these people to be prompted for the username and pw.
    > > Instead, I'd like IIS, through some ASP mechanism, to pass the dl_user
    > > credentials in the background so that the users are completely unaware
    > > of the account that has NTFS permissions to the file. Is there any way
    > > to do this?
    travelling_nerd, Jul 13, 2004
    #3
  4. That's a good tip. Thanks.


    "Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message news:<#4$#>...
    > not 100% sure I got what you are after but this may help
    > http://www.darkfalz.com/1109
    > Otherwise search the web for "impersonate" as it pertains here.
    >
    > --
    > Curt Christianson
    > Owner/Lead Developer, DF-Software
    > Site: http://www.Darkfalz.com
    > Blog: http://blog.Darkfalz.com
    >
    >
    > "travelling_nerd" <> wrote in message
    > news:...
    > > Hi,
    > >
    > > I'm trying to write a script that will allow validated users to
    > > download a file that has specific ntfs permissions. Here's a summary:
    > >
    > > Scenario:
    > > 1) The name of the file is "binary.zip".
    > > 2) I've created a local account on the server called "dl_user".
    > > 3) dl_user is the only account that has permissions on binary.zip.
    > > 4) I've written a script that validates several people to access a web
    > > page that has a link to binary.zip. However whenever they click it,
    > > they get prompted for a username and pw. If they enter the "dl_user"
    > > credentials, it works.
    > >
    > > Problem:
    > > I don't want these people to be prompted for the username and pw.
    > > Instead, I'd like IIS, through some ASP mechanism, to pass the dl_user
    > > credentials in the background so that the users are completely unaware
    > > of the account that has NTFS permissions to the file. Is there any way
    > > to do this?
    travelling_nerd, Jul 13, 2004
    #4
  5. travelling_nerd

    Patrice Guest

    See :
    http://support.microsoft.com/default.aspx?scid=KB;en-us;276488
    (How To Use the ADODB.Stream Object To Send Binary Files to the Browser
    through ASP)

    This one may also helps :
    http://support.microsoft.com/default.aspx?kbid=260519
    (shows how to raise the download dialog)

    Patrice


    --

    "travelling_nerd" <> a écrit dans le message de
    news:...
    > "Patrice" <> wrote in message

    news:<>...
    > > You could also store the file somewhere else and stream it s content to

    the
    > > browser using an ASP page...
    > >

    >
    > Thanks for the suggestion. Currently I have a redirect to the file,
    > however, if someone knows the absolute http path to the file, they can
    > get to it.
    >
    > Do you have any examples of "streaming files to browser"?
    >
    > Thanks.
    >
    >
    > > --
    > >
    > > "travelling_nerd" <> a écrit dans le message de
    > > news:...
    > > > Hi,
    > > >
    > > > I'm trying to write a script that will allow validated users to
    > > > download a file that has specific ntfs permissions. Here's a summary:
    > > >
    > > > Scenario:
    > > > 1) The name of the file is "binary.zip".
    > > > 2) I've created a local account on the server called "dl_user".
    > > > 3) dl_user is the only account that has permissions on binary.zip.
    > > > 4) I've written a script that validates several people to access a web
    > > > page that has a link to binary.zip. However whenever they click it,
    > > > they get prompted for a username and pw. If they enter the "dl_user"
    > > > credentials, it works.
    > > >
    > > > Problem:
    > > > I don't want these people to be prompted for the username and pw.
    > > > Instead, I'd like IIS, through some ASP mechanism, to pass the dl_user
    > > > credentials in the background so that the users are completely unaware
    > > > of the account that has NTFS permissions to the file. Is there any way
    > > > to do this?
    Patrice, Jul 13, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Morten V. Pedersen

    NTFS permissions for ASP.NET user

    Morten V. Pedersen, Oct 22, 2003, in forum: ASP .Net Security
    Replies:
    4
    Views:
    110
    Jacob Yang [MSFT]
    Oct 29, 2003
  2. Alex Maghen
    Replies:
    0
    Views:
    154
    Alex Maghen
    Feb 3, 2005
  3. Dmitry Maslakov

    Changing NTFS permissions in ASP.NET

    Dmitry Maslakov, Mar 3, 2005, in forum: ASP .Net Security
    Replies:
    1
    Views:
    153
    Dmitry Maslakov
    Mar 3, 2005
  4. Ron Gibson
    Replies:
    6
    Views:
    116
    Evertjan.
    Dec 22, 2004
  5. Chris
    Replies:
    1
    Views:
    109
    Chris
    Feb 7, 2006
Loading...

Share This Page