RE: Best way to secure binary files

From: Shaun (Shaun_at_discussions.microsoft.com)
Date: 07/09/04

  • Next message: Glenn Thimmes: "Re: Application Settings"
    Date: Fri, 9 Jul 2004 11:01:02 -0700
    
    

    There are a couple of methods you can use for this. One way is to use the Application Mappings of IIS, this can be done for the whole site or just some folders - perhaps the folder holding these resources.

    What you do is map the extension to the aspnet_isapi.dll - the same one used by .aspx files. This will mean that requests for these files go through the same process as aspx files (your secured pages).
    To do this open IIS admin MMC and right click on the folder you want to secure and select Properties. Then go to the Directory (or Home Directory) tab and click on the Configuration button. You'll then see the Mappings tab and you can add the mapping for your extensions - use the same dll that is mapped to .aspx

    It does mean some additional load on your servers, hence the suggestion that you place such files under a particular folder (and its subfolders) and secure this folder as above.

    There are other methods, but this is the quickest (I think).

    Shaun

    --------------------------
    Shaun Venus

    emailid: sunevnuahs
    domain: hotmail.com
    --------------------------

    "Janaka" wrote:

    > I've got certain report files on my admin section that i'd like to secure.
    > What is the best method of doing this on the web server? These could be any
    > type of file other than a web form - i.e. pdf, word, excel, ppt, etc.
    > They'll be in their own directory on the server. I am already using Forms
    > Authentication to allow access for administrators.
    >
    >
    >


  • Next message: Glenn Thimmes: "Re: Application Settings"

    Relevant Pages

    • Re: Please help refresh my memory on AD DC
      ... "Meinolf Weber" wrote: ... Remote server ... Also that one for IIS. ... On the server where the folder is located that you like to share ...
      (microsoft.public.windows.server.active_directory)
    • Re: Please help refresh my memory on AD DC
      ... "Meinolf Weber" wrote: ... In Server 2008 where do you change the local security policies for all ... On the server where the folder is located that you like to share you ... Ok I did post in the IIS newsgroups and in IIS.Net a few days back. ...
      (microsoft.public.windows.server.active_directory)
    • Re: Please help refresh my memory on AD DC
      ... "Meinolf Weber" wrote: ... In Server 2008 where do you change the local security policies for all ... On the server where the folder is located that you like to share you ... Ok I did post in the IIS newsgroups and in IIS.Net a few days back. ...
      (microsoft.public.windows.server.active_directory)
    • Re: Please help refresh my memory on AD DC
      ... "Meinolf Weber" wrote: ... Remote server ... Also that one for IIS. ... On the server where the folder is located that you like to share ...
      (microsoft.public.windows.server.active_directory)
    • Re: Please help refresh my memory on AD DC
      ... "Meinolf Weber" wrote: ... to open the folder properties, choose the sharing tab and do your settings. ... Ok I did post in the IIS newsgroups and in IIS.Net a few days back. ... Where would I go from here Locally at that server or on the DC? ...
      (microsoft.public.windows.server.active_directory)