Advertisement

08.28.2008 at 03:30PM PDT, ID: 23687403 | Points: 500
[x]
Attachment Details

Protect files (doc, pdf, ppt) that can be accessed directly via URL path after session is passed

Asked by super786 in Active Server Pages (ASP), Miscellaneous Security, HTTP

Tags: , ,

How would I go about doing this?

Scenario: User signs on to the website, which is completely classic ASP written, his session is active. He has the permissions to access files which is great. Now, because he's signed in, the URL to the file can be copied and sent over to another browser, or another person across the globe, and that person can still access the file WITHOUT SIGNING IN.

How do I stop this?

In all my other classic ASP pages, I have a login verification script, that bumps a user off to the login page if trying to access ASP pages, but when it comes to documents, all they need is a URL to the file, and they can open it.

Is there something I need to do in IIS? What am I missing? Start Free Trial
 
Keywords: Protect files (doc, pdf, ppt) that c…
Title
1 ASP to PDF
2 ASP Classic Convert MS Word to PDF
3 Enable download of PDF file
4 Trying to Stream PDF to Browser
5 ASP Classic on the Mac?
6 Migrate from Asp Classic
 
Loading Advertisement...
 
[+][-]08.28.2008 at 04:12PM PDT, ID: 22340834

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08.29.2008 at 06:52AM PDT, ID: 22345349

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628