Re: Role based security - file downloads
- From: "Mesan" <935main@xxxxxxxxx>
- Date: 23 Aug 2006 08:04:01 -0700
I tried that and now all forms authentication is being skipped - the
file is just being served directly.
:-(
Kevin Jones wrote:
In your web.config try adding the following
<httpHandlers>
<add path="*.pdf" werb="*" type="System.Web.StaticFileHandler"
validate="true"/>
</httpHandlers>
This works for me,
Kevin
Mesan wrote:
I sincerely appreciate your responce but I must be doing somethingn
wrong becaust it's still not working. I wish I could paste some
screenshots to show you how I've got it set up but it's exactly how you
and the Microsoft article said to set it up -- it works great to a
point though. If an unauthenticated person requests the document they
are redirected to the loign page -- perfect. They log in and then in
IE they get the error I posted above or it Firefox the just kind of
freezes with "secret.pdf (application/pdf Object)" in the titlebar --
not perfect. I know I'm close but I'm still missing some little step
somewhere. I tried playing with the HttpHandlers in machine.config but
that just circumvented the asp.net authentication.
???
Kevin Jones wrote:
In IIS, under the properties for your website, go to the "home
directory" tab and select "configuration..." You can add the .pdf
handler there (copy the name of the executable from the .aspx handler).
In .aspx you may need to add an <httpHandler (look in
c:\windows\microsoft.net\framework\v2.0.50727\config\web.config.comments
for an example), although I believe the default handler should work,
Kevin
Mesan wrote:
And just how would one "map the .pdf to the asp.net handler then make
sure PDFs are processed as static files by the ASP runtime"? I think
that's the route I want to take, I just don't know how to do it.
Thanks,
Mesan
Kevin Jones wrote:
IIS is handling the mapping so you need to change the behaviour there.
One way to do this is in IIS map the .PDF to the ASP.Net handler then
make sure PDFs are processed as static files by the ASP runtime,
Kevin
Mesan wrote:
I have a directory in an app I'm building that has access limited to
users within a specific role and all aspx pages in that directory are
unavailable just as I'd hope but other files (pdfs and whatnot) can be
downloaded by anyone without authenticating or anything. What does it
take for the use to be redirected to the login page when they try to
access mysite/private/secrets.pdf ?
.
- Follow-Ups:
- Re: Role based security - file downloads
- From: Kevin Jones
- Re: Role based security - file downloads
- References:
- Role based security - file downloads
- From: Mesan
- Re: Role based security - file downloads
- From: Kevin Jones
- Re: Role based security - file downloads
- From: Mesan
- Re: Role based security - file downloads
- From: Kevin Jones
- Re: Role based security - file downloads
- From: Mesan
- Re: Role based security - file downloads
- From: Kevin Jones
- Role based security - file downloads
- Prev by Date: Re: textbox in user control losing values during post back
- Next by Date: Re: It's trying to compile my JavaScript?
- Previous by thread: Re: Role based security - file downloads
- Next by thread: Re: Role based security - file downloads
- Index(es):
Relevant Pages
|
