Securing files for download.
From: Steve Lloyd (steveRemoveThisNow_at_livenowpaylater.co.uk)
Date: Tue, 9 Dec 2003 19:44:44 -0000
I am trying to work out how I can secure files available for download on a
I have forms authentication set and can deny access to aspx file in a
directory using the web.config file which redirects to the login page and
works fine, however, if i have a downloadable in this directory people can
enter the URI of the file and download it without any login. I understand
that the web.config approach only secures .Net based resources but would
like to know if anyone has a solution/work around for this. I have thought
about storing the files in SQL which would require an aspx page to
authenticate to the server, I think this would work but SQL space costs much
more than web space ..
The webserver is a shared hosting solution so i do not have acces to the
windows level accounts.
Would appreciate some direction on this.
Thanks very much