Please help!
The website I am administering uses a login with username/password referanced to an acces DB..the information in turn is stored in a session variable.
The problem I have is, I have several folders that I need to restrict access to. Restriction works through the site navigation (i.e. session redirect scripts on the asp pages etc function as they should)BUT access to the contents of the folder is still possible manually. The folders can be secured successfully using NT permissions although this is not desirable as there are a number of users and we have a facility whereby they can edit their username/password etc. So Basically the question is..
Can I secure the folder using the session information.Or (a compromise) can I create an NT group or user and assign the session variable to that group..so that the NT permissions will take effect? AAARgh
At the moment I am using a "hack" whereby the files that are restricted are hiden behind a default.asp which redirects to the homepage....
I apologise for the length of this thread
Nosferer
The website I am administering uses a login with username/password referanced to an acces DB..the information in turn is stored in a session variable.
The problem I have is, I have several folders that I need to restrict access to. Restriction works through the site navigation (i.e. session redirect scripts on the asp pages etc function as they should)BUT access to the contents of the folder is still possible manually. The folders can be secured successfully using NT permissions although this is not desirable as there are a number of users and we have a facility whereby they can edit their username/password etc. So Basically the question is..
Can I secure the folder using the session information.Or (a compromise) can I create an NT group or user and assign the session variable to that group..so that the NT permissions will take effect? AAARgh
At the moment I am using a "hack" whereby the files that are restricted are hiden behind a default.asp which redirects to the homepage....
I apologise for the length of this thread
Nosferer
