Solved

Restrict access to Word docs w/in a site

Posted on 2004-04-07
7
139 Views
Last Modified: 2013-12-04
My company has security set up on our internal sites that do not allow people to enter hard-coded asp files and directly access them.  It forces them to go through the log-in screen and follow the proper links to get to what they need.  It has been working great for 2 years now.

The problem is, we have links to word and excel docs on our site.  The security we have set up on asp does not work on these files (because the asp files have an include that provides that security).  Is there some way to put this kind of control at the site level?  I looked into global.asa files but those only work on asp files.

Any ideas?

0
Comment
Question by:ags00
  • 2
  • 2
  • 2
7 Comments
 
LVL 16

Expert Comment

by:JamesDS
ID: 10781142
ags00

You need to set the NTFS permissions on the folders where the files actually exist - or on the files themselves (although this will get complicated)

You can use the same method for securing the ASP as well and save yourself all that extra security coding and session variable checking.

Cheers

JamesDS
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10781524
Understanding NTFS permissions:
http://www.windowsitlibrary.com/Content/592/1.html

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 

Author Comment

by:ags00
ID: 10783086
Either this is not what I need or I am not understanding how to use it.  If I restrict the NTFS permissions how would that work?  If someone accesses the pages through the proper channels, great.  If they hard code the location in their browser, they should not be able to see the page, whether they get a "page can't be displayed" or it redirects them to the last page they were on.  To me it seems like the only thing I can do with NTFS is completely restrict or grant access, regardless of how they got to the page.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 16

Expert Comment

by:JamesDS
ID: 10783123
aha, sorry

No you can't apply the session security settings to files in that manner.

Cheers

JamesDS
0
 

Author Comment

by:ags00
ID: 10783156
I figured - that would be too easy :-)

I think the only solution to this is SSL... do you know if that is on your site, if you can directly access documents or not?
0
 
LVL 12

Accepted Solution

by:
trywaredk earned 200 total points
ID: 10790113
Step-by-Step Guide to Public Key-Based Client Authentication in Internet Explorer - Nice little overview from Microsoft going through the configuration of IE when you want certificate based authentication using TLS/SSL. Only the client side is described here. 2 pages.
http://www.microsoft.com/windows2000/techinfo/planning/security/pubkeyie.asp
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now