[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Restrict access to Word docs w/in a site

Posted on 2004-04-07
7
Medium Priority
?
148 Views
Last Modified: 2013-12-04
My company has security set up on our internal sites that do not allow people to enter hard-coded asp files and directly access them.  It forces them to go through the log-in screen and follow the proper links to get to what they need.  It has been working great for 2 years now.

The problem is, we have links to word and excel docs on our site.  The security we have set up on asp does not work on these files (because the asp files have an include that provides that security).  Is there some way to put this kind of control at the site level?  I looked into global.asa files but those only work on asp files.

Any ideas?

0
Comment
Question by:ags00
  • 2
  • 2
  • 2
6 Comments
 
LVL 16

Expert Comment

by:JamesDS
ID: 10781142
ags00

You need to set the NTFS permissions on the folders where the files actually exist - or on the files themselves (although this will get complicated)

You can use the same method for securing the ASP as well and save yourself all that extra security coding and session variable checking.

Cheers

JamesDS
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10781524
Understanding NTFS permissions:
http://www.windowsitlibrary.com/Content/592/1.html

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 

Author Comment

by:ags00
ID: 10783086
Either this is not what I need or I am not understanding how to use it.  If I restrict the NTFS permissions how would that work?  If someone accesses the pages through the proper channels, great.  If they hard code the location in their browser, they should not be able to see the page, whether they get a "page can't be displayed" or it redirects them to the last page they were on.  To me it seems like the only thing I can do with NTFS is completely restrict or grant access, regardless of how they got to the page.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 16

Expert Comment

by:JamesDS
ID: 10783123
aha, sorry

No you can't apply the session security settings to files in that manner.

Cheers

JamesDS
0
 

Author Comment

by:ags00
ID: 10783156
I figured - that would be too easy :-)

I think the only solution to this is SSL... do you know if that is on your site, if you can directly access documents or not?
0
 
LVL 12

Accepted Solution

by:
trywaredk earned 600 total points
ID: 10790113
Step-by-Step Guide to Public Key-Based Client Authentication in Internet Explorer - Nice little overview from Microsoft going through the configuration of IE when you want certificate based authentication using TLS/SSL. Only the client side is described here. 2 pages.
http://www.microsoft.com/windows2000/techinfo/planning/security/pubkeyie.asp 
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses
Course of the Month18 days, 2 hours left to enroll

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question