File Level access through IIS and ASP

Results 1 to 2 of 2

Thread: File Level access through IIS and ASP

  1. #1
    Join Date
    Dec 1969

    Default File Level access through IIS and ASP

    I have an ASP Intranet Web Application where users upload their files. The files can be text, doc or anything. The users logins and passwords are in a database and i have knowledge of which user uploaded which file in the database. Now i want that the user who uploaded the file should be the only one who is able to access it.Eg users A and B upload two files a.txt and b.txt respectivel and i store them in the root directory at and respectively. Now i want that only user a should be able to access a.txt and should not be able to access b.txt. similarly for user b. Cookies are enables and i have a function which tells me if the user has access to it or not. But if i set read permission of directory "uploadedfiles" to true, then if a knows the url of b.txt and writes it, he will be able to read it. But if i set the read access to false nobody will be able to access it. Since user accounts are different from windows accounts, i can&#039;t even use IIS NT challenge response or basic Authentication. <BR>The only relevant page i have found is which says that i will have to make my own filter and work with IIS. All i want is that i should restrict access based on users which are not integrated with windows accounts and have different file access for different files. Can&#039;t i do it in any other way.<BR><BR>Thanks and Cheers<BR>Jasdeep

  2. #2
    Join Date
    Dec 1969

    Default Not really...

    The following approaches do the ISAPI filter work for you<BR><BR>You can do it w/ Site Server although its kind of involved and I wouldn&#039;t really recomend it.<BR><BR>I haven&#039;t used this product, but I think it does what you want.<BR><BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts