Re: Forms authentication to protect non-aspx files?

Discussion in 'ASP .Net' started by Peter Rilling, Jun 7, 2004.

  1. Yes and no.

    All files processed by the aspnet_isapi.dll may be able to be protected in
    that way. If you define that filetype as being processed by the above
    filter, then theoretically you should be able to protect it this way. This
    would only be able to be done for static files, you would not be able to
    protect legacy ASP page this way because they are required to go through
    their own engine.

    Having said that, I do not know what side effects this might produce.

    Another alternative would be to move all those files outside of your website
    and to write some ASP.NET page that acts as a proxy and streams the content
    to the browser. This page would definitely be protected by forms
    authentication and the files would not be accessible if outside of the
    website.


    "Jim" <> wrote in message
    news:...
    > Hi,
    >
    > Is there a way to use forms authentication to also deny access to someone

    who has a direct link to a file which is not .aspx?
    > i.e. Currently, someone can access a file at

    http://www.website.com/info/file.pdf if they type in the url directly. Is
    there a way to stop this?
    >
    > Thank you for your help.
    >
    > Jim
     
    Peter Rilling, Jun 7, 2004
    #1
    1. Advertising

  2. "Peter Rilling" <> wrote in message
    news:eUdE%...
    > Yes and no.
    >
    > All files processed by the aspnet_isapi.dll may be able to be protected in
    > that way. If you define that filetype as being processed by the above
    > filter, then theoretically you should be able to protect it this way.

    This
    > would only be able to be done for static files, you would not be able to
    > protect legacy ASP page this way because they are required to go through
    > their own engine.
    >
    > Having said that, I do not know what side effects this might produce.


    The only "side effects" come into play when you're processing very large
    files. The files are read into memory completely before being sent to the
    client, so if you've got a 50Mb file, you can have problems.

    There should be no problem at all for a normal .pdf file.

    --
    John Saunders
    johnwsaundersiii at hotmail
     
    John Saunders, Jun 7, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    4
    Views:
    597
  2. Alan Silver
    Replies:
    7
    Views:
    550
    Alan Silver
    Jan 3, 2006
  3. Ronald S. Cook
    Replies:
    4
    Views:
    1,046
    Erik Funkenbusch
    Mar 13, 2006
  4. Ronald S. Cook
    Replies:
    1
    Views:
    571
    Edwin Knoppert
    Apr 12, 2006
  5. Steve R.
    Replies:
    4
    Views:
    148
    Steve R.
    Jun 21, 2004
Loading...

Share This Page