Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to secure PDF files

Posted on 2004-09-22
9
Medium Priority
?
250 Views
Last Modified: 2013-12-04
Greetings,

I have couple PDF files on W2K3 web server. Right now I use ASP to check user's login info, then link them to the PDF files. But the user can still browse the the PDF file if they know the path. Is there anyway to secure the PDF files?

Thanks.
0
Comment
Question by:mrong
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 49

Accepted Solution

by:
Roonaan earned 105 total points
ID: 12126506
As fpdf.org can write a pdfcreation script which can create password encrypted pdf-files on the fly using PHP, there must be someone who has written such a thing for ASP.

The PDF's will be secure by 2 pwds. Readonly pwd to access the file and a owner pwd to be able to edit the file in adobe.

Although not fully ontopic, it might help you to keep hopes up :-)

-r-
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12126621
all you have to do is set proper NTFS security on your network,,, that will work 100% regardless of the filetype or extension.  IE check the security on the file by going to the properties of the file.
0
 

Author Comment

by:mrong
ID: 12126669
Yes, I can set up NT folders security, but I don't want create NT local account for each users.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12126696
so you are asking how to password protect a file then basically, without using NTFS secuirty then right?
0
 

Author Comment

by:mrong
ID: 12126772
What do you mean by password protection? All the users share the same password?

Thanks.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12126959
lets get to the root of the problem,, you say that you check the users login info with an ASP script.  what do you mean exacly?  where are the usernames/passwords stored? in a database you created or do you use an ASP script to have them all log into AD with the same account?
0
 

Author Comment

by:mrong
ID: 12127173
The usernames/passwords are stored in Text file.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12132518
ok,, so you have an app that basically is a portal that lets users into a separate portion of your website.... and from there im not sure which NTFS account they are using (probably the built in IUSER account which is for anonymous IIS access)  It is my guess that anyone could get to these URLs without any username/password at all.  But my point is, withough NTFS secuirty set up, you users will ALWAYS be able to access any file once they get past your ASP username/password. Especially if they all log in with the same username/password like you mentioned..... if they are all loging in with the same username/password how is the server supposed to know who should get to which files??  I know that is not the answer that you are looking for but it is the right answer and the easiest and most secure way to set up security.  Its built into the OS and is VERY easy to set up.
0
 

Author Comment

by:mrong
ID: 12159769
The text file store multiple user names. My Asp run a COM, it first check weather the user name exist in the text file then use COM the authenticate with LDAP server.

Are you saying it can't be done without using NTFS security(folder permission)?

Thanks.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question