Limiting access to user files

D

Dave Taylor

I have an old ASP application that I'm converting to ASPNET. The
application allows users to login, enter data, and run simulations on our
computers and the results are stored in a file the user then downloads. In
order to allow users to access only their files, in ASP I used to copy the
files to a temporary directory, allow the user to download them, then delete
the temp directory. I'm looking for a better way to do this. The user
login data is stored in a SQL Server database, and so using Windows-based
security doesnt work. Any ideas???

Thanks

Dave Taylor
Process Engineering Resources, Inc.
 
P

Peter O'Reilly

Here's on idea. If you are storing user login data in a SQL Server
database, why not do the same for the files? Specifically store the path of
the file (e.g. not its contents) in the database and have it related to some
user id or security credentials.
 
S

Steve C. Orr [MVP, MCSD]

B

bruce barker

you can use an httpmodule for this. you will have to map the extenstion of
the file to your module, so there is a little overhead in download because
of the asp.net processing.

if performance is key, write an isapi filter. C++ has wizards for this now.

-- bruce (sqlwork.com)
 
K

Kevin Spencer

You could always use an ASPX page to deliver the documents to the end user.
The documents could remain in a protected folder, and an ASPX page could be
used to open the file and stream it to the browser dynamically.

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,731
Messages
2,569,432
Members
44,832
Latest member
GlennSmall

Latest Threads

Top