Password on specific file

Discussion in 'ASP General' started by Lars Thomsen Nielsen, Sep 27, 2004.

  1. I have made a secure website which you can only get access to
    with right username and password. On this webpage I have some
    links to some pdf-files, but how can I avoid people from getting
    the file if they are not logged on first? As it is now they can
    easily get the file if they just know the exact URL-address, ex:
    www.website.com/dir/file1.pdf

    If people type the URL above I would like them to be redirected
    to the logon-page first.

    I can't use components or MS-Access database, so I'm looking for
    another solution. Hope somebody can help me.

    Best regards

    Lars
     
    Lars Thomsen Nielsen, Sep 27, 2004
    #1
    1. Advertising

  2. "Lars Thomsen Nielsen" <> wrote in message
    news:4158005c$0$250$...
    >I have made a secure website which you can only get access to
    > with right username and password. On this webpage I have some
    > links to some pdf-files, but how can I avoid people from getting
    > the file if they are not logged on first? As it is now they can
    > easily get the file if they just know the exact URL-address, ex:
    > www.website.com/dir/file1.pdf
    >
    > If people type the URL above I would like them to be redirected
    > to the logon-page first.
    >
    > I can't use components or MS-Access database, so I'm looking for
    > another solution. Hope somebody can help me.


    Place the PDF file outside the web root so it does not have a URL and call
    an ASP that uses ADODB.Stream and Response.BinaryWrite to serve the file
    (after the user has passed your authentication).

    http://support.microsoft.com/default.aspx?scid=kb;en-us;276488&Product=asp

    --
    Tom Kaminski IIS MVP
    http://www.microsoft.com/windowsserver2003/community/centers/iis/
    http://mvp.support.microsoft.com/
    http://www.iisfaq.com/
    http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
    http://www.tryiis.com
     
    Tom Kaminski [MVP], Sep 27, 2004
    #2
    1. Advertising

  3. > Place the PDF file outside the web root so it does not have a
    URL and
    > call an ASP that uses ADODB.Stream and Response.BinaryWrite to

    serve
    > the file (after the user has passed your authentication).


    How do I place the file outside the web root? As I see it I can't
    goto a "lower" path than the place where the index.htm is. On my
    webserver there are however paths called "_vti_bin", "_vti_cnf",
    "_vti_pvt" etc. I don't much about these, but is it one of these
    you are talking about?

    PS. I heard that reading files using BinaryRead should be a very
    slow way to get large files. Is that correct?

    Lars
     
    Lars Thomsen Nielsen, Sep 28, 2004
    #3
  4. Lars Thomsen Nielsen

    Joker Guest

    Lets say you are using the default location for your root web of
    "C:\Inetpub\wwwroot" (just for arguments sake). You are being told not
    to put it in that folder or any of it's sub folders.

    So basically put it in a folder like this one "C:\downloads". Then it
    will be out of the web. Those _vti* folders are created by the
    FrontPage Server extensions.

    Lars Thomsen Nielsen wrote:
    >>Place the PDF file outside the web root so it does not have a

    >
    > URL and
    >
    >>call an ASP that uses ADODB.Stream and Response.BinaryWrite to

    >
    > serve
    >
    >>the file (after the user has passed your authentication).

    >
    >
    > How do I place the file outside the web root? As I see it I can't
    > goto a "lower" path than the place where the index.htm is. On my
    > webserver there are however paths called "_vti_bin", "_vti_cnf",
    > "_vti_pvt" etc. I don't much about these, but is it one of these
    > you are talking about?
    >
    > PS. I heard that reading files using BinaryRead should be a very
    > slow way to get large files. Is that correct?
    >
    > Lars
    >
    >
     
    Joker, Sep 28, 2004
    #4
  5. > So basically put it in a folder like this one "C:\downloads".
    Then it
    > will be out of the web.


    OK, I might have to say that I don't own the webserver. I have
    bought space on a webhotel, so as I see it I can't create a
    folder as you described since I don't have access to the C-drive,
    or am I wrong?

    Lars
     
    Lars Thomsen Nielsen, Sep 28, 2004
    #5
  6. "Lars Thomsen Nielsen" <> wrote in message
    news:415966cb$0$248$...
    >> So basically put it in a folder like this one "C:\downloads".

    > Then it
    >> will be out of the web.

    >
    > OK, I might have to say that I don't own the webserver. I have
    > bought space on a webhotel, so as I see it I can't create a
    > folder as you described since I don't have access to the C-drive,
    > or am I wrong?


    You're probably right. Contact your host to discuss your options.

    --
    Tom Kaminski IIS MVP
    http://www.microsoft.com/windowsserver2003/community/centers/iis/
    http://mvp.support.microsoft.com/
    http://www.iisfaq.com/
    http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
    http://www.tryiis.com
     
    Tom Kaminski [MVP], Sep 28, 2004
    #6
  7. > You're probably right. Contact your host to discuss your
    options.

    They are to cheap, so they don't give that kind of support...

    Thanks for your suggestions though.

    If somebody comes up with an alternative solution I would be glad
    to hear about it.

    Lars
     
    Lars Thomsen Nielsen, Sep 29, 2004
    #7
  8. Lars Thomsen Nielsen

    Joker Guest

    If it's a PDF file you created, you can enter a username & password into
    the file itself, so that without the password the file is useless.

    Lars Thomsen Nielsen wrote:

    >>You're probably right. Contact your host to discuss your

    >
    > options.
    >
    > They are to cheap, so they don't give that kind of support...
    >
    > Thanks for your suggestions though.
    >
    > If somebody comes up with an alternative solution I would be glad
    > to hear about it.
    >
    > Lars
    >
    >
     
    Joker, Sep 29, 2004
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?SmF2?=

    Is ViwState Page-Specific or UserControl-Specific

    =?Utf-8?B?SmF2?=, Aug 16, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    547
    =?Utf-8?B?SmF2?=
    Aug 16, 2006
  2. AAaron123
    Replies:
    2
    Views:
    2,198
    AAaron123
    Jan 16, 2009
  3. AAaron123
    Replies:
    1
    Views:
    1,353
    Oriane
    Jan 16, 2009
  4. mazdotnet
    Replies:
    2
    Views:
    405
    Alexey Smirnov
    Oct 2, 2009
  5. William FERRERES
    Replies:
    7
    Views:
    220
    William FERRERES
    Jul 9, 2007
Loading...

Share This Page