FTP Security
Ok, here's what I am trying to do. I don't even know if it's the right approach. I am writing the 'World Virtual Science Fair' for the College of the North Atlantic - Qatar. I work there as a college instructor (Communications not programming)
Once a 'Team' fills out the required info the system registers them and creates their folder. The name of the folder is their uniqueID, like Team123. The system writes a start page inside this folder called index.html. Now, the newly registered team has a folder and inside the folder, one file. Once the team logs in I want the system to allow them to FTP files to their folder. The FTP looks like Windows Explorer where they can simply drop files into their folder. All of this I can do.
The problem....
How do I keep teams out of other team's folders? Once they log in and click the upload button, the FTP window opens beautifully into their folder but they have access to the toolbar with the arrow to move up directories. This allows them inside any other folder.
This site is written using ASP.
Is there a way to set permissions on the newly created folders at run time?
If not, what is the solution?
By the way, since I am not a guru this site is fabulous.
Vince Stack
Vince Stack
Once a 'Team' fills out the required info the system registers them and creates their folder. The name of the folder is their uniqueID, like Team123. The system writes a start page inside this folder called index.html. Now, the newly registered team has a folder and inside the folder, one file. Once the team logs in I want the system to allow them to FTP files to their folder. The FTP looks like Windows Explorer where they can simply drop files into their folder. All of this I can do.
The problem....
How do I keep teams out of other team's folders? Once they log in and click the upload button, the FTP window opens beautifully into their folder but they have access to the toolbar with the arrow to move up directories. This allows them inside any other folder.
This site is written using ASP.
Is there a way to set permissions on the newly created folders at run time?
If not, what is the solution?
By the way, since I am not a guru this site is fabulous.
Vince Stack
Vince Stack
Are you using NT authentication for them to login?
ASKER
No. They just log in from a security tabl in the database. I could use NT Authentication if that helps.
Thank you
Thank you
What I was thinking was that if you were using NT authentication you could then somehow create the new folder and asign nt permissions on that folder based on the logged in user account.
I think it is Sever.authenticated_user
I think it is Sever.authenticated_user
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Eww, that didn't paste too great..... watch out for some of those lines to make sure they are on the same line as REM.... like the line of ===== will make the bat file fail unless it is all on the REM line.