Re: Using NTFS security to protect files served via asp/iis

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: travelling_nerd (travelling_nerd_at_yahoo.com)
Date: 04/06/04 

Date: 5 Apr 2004 19:01:02 -0700

"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message news:<c4bsnt$4rv18@kcweb01.netnews.att.com>...
> "travelling_nerd" <travelling_nerd@yahoo.com> wrote in message
> news:960eff8b.0403291922.95c19fd@posting.google.com...
> > Folks:
> >
> > I have some zip files I'd like to serve to authenticated users on my
> > site, but would like to prevent unauthorized users from using an
> > absolute path to get to these zip files. For example
> > http://blah.com/file.zip should not be accessible directly without
> > authenticating. However, my current authenticaion goes to an LDAP
> > server and I'd rather not prompt users for another username and
> > password.
> >
> > The only way I can figure this is to create a local user account on
> > the server, then set it to have NTFS read permissions for file. The
> > tricky part is using asp to pass windows authentication information in
> > the background to the server. Once it's authenticated, the download
> > begins. If a user somehow figures the absolute path to ther file, he
> > should be prevented from downloading it.
> >
> > Is this possible?
>
> The whole NTFS part is simple. I'm not sure I understand why you want ASP
> to be involved.
>

Sorry for the lack of clarity. What I want to do is authenticate, via
asp, access to a file that has specific ntfs permissions. For example.
A local user on the server is called "bob". I want only "bob" to
download the file, but I don't want the web browser to prompt him for
his username and pw. I want to hard code it in asp. Only bob will know
the url to the file.

Relevant Pages

  • Re: POP3 DNS problem?
    ... Make sure you are authenticating using the logon email address that is under ... The Exchange server had been spitting out ... >> the LogOn account of the Exchange POP3 service, ... It would seem that the connection is getting through to the ...
    (microsoft.public.exchange.admin)
  • AD domain authentication through VPN
    ... Remote WinXP SP2 Laptop ... Cisco VPN Server ... for authenticating my machines through the VPN against my domain DC's. ... I configured the VPN client connection ...
    (microsoft.public.windowsxp.network_web)
  • Re: Trust between two Forests Fail
    ... We are a Forward Look Up Zone in their Windows DNS and They are ... Never set two DNS Server sets to forward ... Either the other uses isn't an Admin or isn't properly authenticating ... Active Directory Users and Computers" "Connect to ...
    (microsoft.public.windows.server.active_directory)
  • Strange Outlook 2007 SMTP Authentication Problem (Vista SP2 Issue?
    ... Linux server indicated the problem. ... connection instead of authenticating. ... Next I check the account settings in Outlook. ... The test message from the "Test Account Settings" button works fine. ...
    (microsoft.public.outlook.general)
  • Re: Massive queues in Exchange
    ... relaying from your server. ... If both of those are OK, we need to check for a compromised account. ... Check the number of Queues. ... These will contain information on who is authenticating to drop off ...
    (microsoft.public.exchange2000.win2000)