Quote:
|
Originally Posted by maneetpuri
Hi,
As you do not want to use HTTP Authentication, what you can do is create a login page and give URL of the same to the users you want to share these files. Then you will have to create the a database of username & passwords, which will be used by your users to login and for your application to authenticate the user, once logged in then you can parse the directry listing of this folder and show links to the users to downalod or open these files.
Hope this helps.
Cheers,
~Maneet
|
Hi!
Maneet, nice answer!
Indeed, you will need to create a login script that authenticates users. The username/passwords can be stored on a text file or database. The passwords should be stored encrypted (on the text file or database).
The directory with the secret files should be password protected (with web server mechanisms).
Additionally, you will need a script that lists the content of the protected file
directory and another one that serves the protected files.
Summary:
1. Only the scripts have access to the protected directory.
2. The users need not to know about the protected directory.
3. The users see the listing of the protected directory through a script.
4. The protected files are served by a script.
5. The script can be written in ASP.NET, PHP, JSP, Python, etc.
For example:
- User login via http://example.com/login.php
- User sees directory listing via http://example.com/listing.php
- User download a file via http://example.com/get_file.php?file=myfile.doc
The script get_file.php has (read) access to the protected directory.
I can show you an implementation in PHP, if you need. Just let me know.
Cheers,
Leonel Machava
dBforums
>
How to secure a web folder?
04-17-09, 15:04
Linear Mode
