Re: Protect PDF files via ASP?
From: Brian Madden (brian_at_brianmadden.com)
Date: 02/25/05
- Next message: Jeff Cochran: "Re: Protect PDF files via ASP?"
- Previous message: Jeff Cochran: "Re: Zip files"
- In reply to: Tom Kaminski [MVP]: "Re: Protect PDF files via ASP?"
- Next in thread: Jeff Cochran: "Re: Protect PDF files via ASP?"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 25 Feb 2005 10:15:12 -0500
Awesome guys, thanks a lot!
Do any of you have any experience with "Coldlink?" It's a product that does
dynamic URL rewriting that includes keys in the URL that are only valid for
5 minutes. (It works as an asapi filter.) In my case I want my solution to
be as "real" or "normal" as possible. I have people who will be downloading
large video files from a conference, so each file could be several hundred
megabytes.
Thanks again.. I'll be checking this stuff out today.
Brian
"Tom Kaminski [MVP]" <tomk (A@T) mvps (D.O.T) org> wrote in message
news:e10$kM0GFHA.432@TK2MSFTNGP09.phx.gbl...
> "Brian Madden" <brian@brianmadden.com> wrote in message
> news:#vxUbtuGFHA.580@TK2MSFTNGP15.phx.gbl...
>> Hello All,
>>
>> I have what I thought would be a simple problem although I've been
> searching
>> for a few hours with no luck.
>>
>> I have several PDF and MPG files I would like to provide to users to
>> download via HTTP. I also have a database of user accounts. I would like
> to
>> protect the PDF and MPG files so that users cannot "save target as" or
> "view
>> source" to directly link to the files.
>>
>> My first thought is that I would have to remove anonymous access to these
>> files and/or their parent folder within IIS. I was thinking that I could
>> then create a Windows account called something like WebUsers and give it
>> access to that folder. I'm hoping to write some ASP code that
> authenticates
>> my users against my own database and, if successful, logs them into IIS
> via
>> the WebUsers account (so that all my users share the same account).
>>
>> My problem is I cannot find an code or method or object to do this. Is
> there
>> some simple function that I can use to pass a username, pw, and domain to
>> IIS to authenticate the user that would then carry through for them to be
>> able to download non-ASP (PDF, etc.) content?
>>
>> Or, am I completely thinking about this the wrong way? It seems to me
>> that
>> this is something that would be fairly common.
>
> To add to what Tim said ...
>
> Put the files outside of the wwwroot path so there is no direct URL access
> to them. In your ASP code, authenticate your users from your database and
> then as appropriate use ADODB.Stream to Response.BinaryWrite the contents
> of
> the PDF.
>
> Here's an example with jpg, just chnage the relevant bits for PDF:
> http://www.aspfaq.com/show.asp?id=2161
>
> --
> Tom Kaminski IIS MVP
> http://www.microsoft.com/windowsserver2003/community/centers/iis/
> http://mvp.support.microsoft.com/
> http://www.iistoolshed.com/ - tools, scripts, and utilities for running
> IIS
>
>
- Next message: Jeff Cochran: "Re: Protect PDF files via ASP?"
- Previous message: Jeff Cochran: "Re: Zip files"
- In reply to: Tom Kaminski [MVP]: "Re: Protect PDF files via ASP?"
- Next in thread: Jeff Cochran: "Re: Protect PDF files via ASP?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
