?
Solved

How to secure PDF files

Posted on 2004-09-22
9
Medium Priority
?
248 Views
Last Modified: 2013-12-04
Greetings,

I have couple PDF files on W2K3 web server. Right now I use ASP to check user's login info, then link them to the PDF files. But the user can still browse the the PDF file if they know the path. Is there anyway to secure the PDF files?

Thanks.
0
Comment
Question by:mrong
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 49

Accepted Solution

by:
Roonaan earned 105 total points
ID: 12126506
As fpdf.org can write a pdfcreation script which can create password encrypted pdf-files on the fly using PHP, there must be someone who has written such a thing for ASP.

The PDF's will be secure by 2 pwds. Readonly pwd to access the file and a owner pwd to be able to edit the file in adobe.

Although not fully ontopic, it might help you to keep hopes up :-)

-r-
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12126621
all you have to do is set proper NTFS security on your network,,, that will work 100% regardless of the filetype or extension.  IE check the security on the file by going to the properties of the file.
0
 

Author Comment

by:mrong
ID: 12126669
Yes, I can set up NT folders security, but I don't want create NT local account for each users.
0
Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12126696
so you are asking how to password protect a file then basically, without using NTFS secuirty then right?
0
 

Author Comment

by:mrong
ID: 12126772
What do you mean by password protection? All the users share the same password?

Thanks.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12126959
lets get to the root of the problem,, you say that you check the users login info with an ASP script.  what do you mean exacly?  where are the usernames/passwords stored? in a database you created or do you use an ASP script to have them all log into AD with the same account?
0
 

Author Comment

by:mrong
ID: 12127173
The usernames/passwords are stored in Text file.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12132518
ok,, so you have an app that basically is a portal that lets users into a separate portion of your website.... and from there im not sure which NTFS account they are using (probably the built in IUSER account which is for anonymous IIS access)  It is my guess that anyone could get to these URLs without any username/password at all.  But my point is, withough NTFS secuirty set up, you users will ALWAYS be able to access any file once they get past your ASP username/password. Especially if they all log in with the same username/password like you mentioned..... if they are all loging in with the same username/password how is the server supposed to know who should get to which files??  I know that is not the answer that you are looking for but it is the right answer and the easiest and most secure way to set up security.  Its built into the OS and is VERY easy to set up.
0
 

Author Comment

by:mrong
ID: 12159769
The text file store multiple user names. My Asp run a COM, it first check weather the user name exist in the text file then use COM the authenticate with LDAP server.

Are you saying it can't be done without using NTFS security(folder permission)?

Thanks.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses
Course of the Month12 days, 15 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question