• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 219
  • Last Modified:

Setting Permissions with ASP

Is it possible to change permission on files and folders with ASP? F.i. let a cerain user have read access and another full control?
0
MHQ
Asked:
MHQ
  • 2
1 Solution
 
jdsweetCommented:
Technically, this is possible. However, there are two very different approaches to do this.

A) Innate WinNT permissions.
You are using NT security on your machine, which means the server knows which user is coming in based on a login when they first hit your secured site.  In this case, you can just use Front Page or InterDev (Project -> Web Project -> Web Permissions) to secure individual pages based on NT User and Group accounts.

A slight variant on this is Site Server's P&M capabilities, but you can only do this if you're using Site Server.

Advantage: easy start-up, easy to maintain
Disadvantage: requires clients to be using IE browser and have an actual account on your domain, but Site Server P&M gets around these disadvantage

B) Database security
This is the more common way of doing things, since it doesn't require giving random web users some account on your domain, however limited.

In this case you somehow create a user_id and password for users, store it in a database yourself, and then authenticate the user through custom ASP scripts.  Usually, this involves authenticating the user once, and then checking on each page whether the current user has access to the current content.  Of course, you have to go and create a lookup table in your database that lists which users have access to which pages.  This is definitely a more complicated option, and requires programmers to design and implement.  It's also technically less secure than the other option, since user names and passwords are flying over the Internet in cleartext, unless you have an SSL secured web server.
0
 
MHQAuthor Commented:
What I mean is that I want to set the permissions on a library directly from the ASP code. Add/remove users that exists in my domain. (It's a local intranet so evryone exists in the NT-server. I know what you mean about setting permissions using the web permissions, the question is, can I do this from ASP code?
0
 
jdsweetCommented:
Yes, you can, but only with Site Server P&M, as I understand it.  This may change with the release of NT 5.0, because only then will the underlying OS fully support the Active Directory Services (ADS) that you apparently need.  ADS provides a much simpler hook into all sorts of things, but particularly the security mechanisms you want.  

Site Server P&M is what actually provides the Automation interface (which an interpreted language like ASP requires) you need. Without P&M (or something similar, I don't know of anything else) you're only option is to write some sort of component that provides a wrapper to the native OS calls you'll need to make, install that component on every server.  That's *exactly* what P&M provides.  P&M comes as part of Site Server 3.0 Standard -- much cheaper than Site Server Commerce which runs into the thousands...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now