Re: Beginners ASP or IIS security problem
From: Tom Kaminski [MVP] ((A_at_T))
Date: 06/09/03
- Next message: Tom Kaminski [MVP]: "Re: secure sites"
- Previous message: J N Katzman-TCM: "Re: Error when access shared MDB files over LAN."
- In reply to: steve: "Beginners ASP or IIS security problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 9 Jun 2003 09:37:36 -0400
"steve" <s.tucker@tesco.net> wrote in message
news:0cbc01c32c89$07b574e0$a001280a@phx.gbl...
> I have written an asp application using SQL server,
> running on IIS 5, That
> secures access to files eg Doc, HTML, PDF etc.
>
> This works by checking security access and opening the
> results in a frame.
>
> The problem I have is that users could just access the
> Doc file directly if
> they happened to guess the file location on the server.
> Is there any way of
> limiting access to all files in a specific folder on the
> server and forcing
> users to access my application.
>
> Any help would be gratefully received.
If you don't want to use Windows authentication and security, your best bet
would be to put those files in a folder that is not under wwwroot (so they
can't be accessed directly via a URL) and use ADODB.Stream and
Response.BinaryWrite to serve them from an ASP after your security logic
requirements have been met.
http://support.microsoft.com/?kbid=276488
-- Tom Kaminski IIS MVP http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS http://mvp.support.microsoft.com/ http://www.microsoft.com/windowsserver2003/community/centers/iis/
- Next message: Tom Kaminski [MVP]: "Re: secure sites"
- Previous message: J N Katzman-TCM: "Re: Error when access shared MDB files over LAN."
- In reply to: steve: "Beginners ASP or IIS security problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
