S
Steve Lloyd
Hi,
I am trying to work out how I can secure files available for download on a
website.
I have forms authentication set and can deny access to aspx file in a
directory using the web.config file which redirects to the login page and
works fine, however, if i have a downloadable in this directory people can
enter the URI of the file and download it without any login. I understand
that the web.config approach only secures .Net based resources but would
like to know if anyone has a solution/work around for this. I have thought
about storing the files in SQL which would require an aspx page to
authenticate to the server, I think this would work but SQL space costs much
more than web space ..
The webserver is a shared hosting solution so i do not have acces to the
windows level accounts.
Would appreciate some direction on this.
Thanks very much
Steve
I am trying to work out how I can secure files available for download on a
website.
I have forms authentication set and can deny access to aspx file in a
directory using the web.config file which redirects to the login page and
works fine, however, if i have a downloadable in this directory people can
enter the URI of the file and download it without any login. I understand
that the web.config approach only secures .Net based resources but would
like to know if anyone has a solution/work around for this. I have thought
about storing the files in SQL which would require an aspx page to
authenticate to the server, I think this would work but SQL space costs much
more than web space ..
The webserver is a shared hosting solution so i do not have acces to the
windows level accounts.
Would appreciate some direction on this.
Thanks very much
Steve