Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Streaming 2
- Thread starter SteveD73
- Start date
-
2
- #2
BigBadDave
Programmer
Hi,
One way to do it is to keep the *.zip file in the database itself let me know if you need more info.
From Big Dave
One way to do it is to keep the *.zip file in the database itself let me know if you need more info.
From Big Dave
- Thread starter
- #3
The reason I need to stream the file is to stop unauthorized users from accessing it. I have no problems stopping unauthorized users from accessing the asp files but im worried that a user could just type the name of the zip file in and download it directly, therefore bypassing the asp page security.
If I put it into a database could the authorized users download it like a normal zip file?
Thanks
If I put it into a database could the authorized users download it like a normal zip file?
Thanks
BigBadDave
Programmer
You can incorperate the download page into the session variable scenario so you will be able to control download rights
How many people would have access to this file? Would it be effective to put it in a protected directory, and then give the password to those people so that they could access it?
By that I mean stick the file in a directory and then put read only rights on that directory and only for one user (or more if you wish) -- but no rights for the default users (browser)... then, if anyone tries to type in the address, they will be prompted for a username and password.
Additionally, you could put that username and password on a page that is easily protected via your ASP access rights.
The page might look like this:
<%
if session("privelage" = "canSee" then
%>
Click the link below and this information when prompted:
userName: special
password: 8976212
<%
else
response.redirect("someOtherPage.asp"
end if
%>
Would be a secure option --
paul
By that I mean stick the file in a directory and then put read only rights on that directory and only for one user (or more if you wish) -- but no rights for the default users (browser)... then, if anyone tries to type in the address, they will be prompted for a username and password.
Additionally, you could put that username and password on a page that is easily protected via your ASP access rights.
The page might look like this:
<%
if session("privelage"
= "canSee" then%>
Click the link below and this information when prompted:
userName: special
password: 8976212
<%
else
response.redirect("someOtherPage.asp"
end if
%>
Would be a secure option --
paul
- Thread starter
- #6
BigBadDave
Programmer
I have made a demo for you the url is :
the demo username is : admin
the demo password is : admin
you can view the ASP source of the pages by viewing :
replace default.asp with the page name e.g. file.asp you get the gist
From Big Dave
the demo username is : admin
the demo password is : admin
you can view the ASP source of the pages by viewing :
replace default.asp with the page name e.g. file.asp you get the gist
From Big Dave
- Status
Similar threads
- Locked
- Question