Solved

How to secure PDF files

Posted on 2004-09-22
9
245 Views
Last Modified: 2013-12-04
Greetings,

I have couple PDF files on W2K3 web server. Right now I use ASP to check user's login info, then link them to the PDF files. But the user can still browse the the PDF file if they know the path. Is there anyway to secure the PDF files?

Thanks.
0
Comment
Question by:mrong
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 49

Accepted Solution

by:
Roonaan earned 35 total points
ID: 12126506
As fpdf.org can write a pdfcreation script which can create password encrypted pdf-files on the fly using PHP, there must be someone who has written such a thing for ASP.

The PDF's will be secure by 2 pwds. Readonly pwd to access the file and a owner pwd to be able to edit the file in adobe.

Although not fully ontopic, it might help you to keep hopes up :-)

-r-
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12126621
all you have to do is set proper NTFS security on your network,,, that will work 100% regardless of the filetype or extension.  IE check the security on the file by going to the properties of the file.
0
 

Author Comment

by:mrong
ID: 12126669
Yes, I can set up NT folders security, but I don't want create NT local account for each users.
0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12126696
so you are asking how to password protect a file then basically, without using NTFS secuirty then right?
0
 

Author Comment

by:mrong
ID: 12126772
What do you mean by password protection? All the users share the same password?

Thanks.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12126959
lets get to the root of the problem,, you say that you check the users login info with an ASP script.  what do you mean exacly?  where are the usernames/passwords stored? in a database you created or do you use an ASP script to have them all log into AD with the same account?
0
 

Author Comment

by:mrong
ID: 12127173
The usernames/passwords are stored in Text file.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12132518
ok,, so you have an app that basically is a portal that lets users into a separate portion of your website.... and from there im not sure which NTFS account they are using (probably the built in IUSER account which is for anonymous IIS access)  It is my guess that anyone could get to these URLs without any username/password at all.  But my point is, withough NTFS secuirty set up, you users will ALWAYS be able to access any file once they get past your ASP username/password. Especially if they all log in with the same username/password like you mentioned..... if they are all loging in with the same username/password how is the server supposed to know who should get to which files??  I know that is not the answer that you are looking for but it is the right answer and the easiest and most secure way to set up security.  Its built into the OS and is VERY easy to set up.
0
 

Author Comment

by:mrong
ID: 12159769
The text file store multiple user names. My Asp run a COM, it first check weather the user name exist in the text file then use COM the authenticate with LDAP server.

Are you saying it can't be done without using NTFS security(folder permission)?

Thanks.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question