Security Problem(URL Authorization)

mehdi · #1 (**permalink**) 05-31-06, 07:23

Hi,

I want to view a file in my web form (in an ASP.NET application) from an http folder, in other hand everyone can Type the URL address in the address bar and view the file outside of my application.
If I set a password for my web folder, it’s ok but when users work with application they must enter username and password of my web folder.
I tried several ways to solve my problem but I couldn’t.
I appreciate if anybody can help me

Best regards,
mehdi

wayneph · #2 (**permalink**) 05-31-06, 17:54

One option might be to hide the video from users and have an .aspx page that reads the file off of the FileSystem and then Streams it to the browser that way. (Response.WriteFile() or something similar. I don't recall the exact method)

In your file you can check to see if they have an active session and are using the Application. Have the main page set a session variable that it's ok to use the video, and then have the video page clear it after it's been checked.

Just one idea...

mehdi · #3 (**permalink**) 06-01-06, 01:55

Hi

thanks for your Reply.how we could read File system.

Best regards
mehdi

wayneph · #4 (**permalink**) 06-01-06, 14:46

Since you're using .NET Response.WriteFile will do all the dirty work for you.
Just set the correct header for the type of videos that you have.

Code:

Response.AddHeader("Content-Type","video/avi")
Response.WriteFile("c:\NotInWebDirecory\myMove.avi")
Response.End

Internet Services

Web Development

Digital Marketing

Consumer Tech