I have a site where I would like to store some files in a folder and for only authenticated users to have access to the files in that folder? Does any body know how to secure a folder in this manner? I know you can do something simliar using basic http authentication but this pops up an ugly dialogue box asking for username/password. Is there a way to check if a user is authenticated on the server side and if validated the user can have access to the files?
As you do not want to use HTTP Authentication, what you can do is create a login page and give URL of the same to the users you want to share these files. Then you will have to create the a database of username & passwords, which will be used by your users to login and for your application to authenticate the user, once logged in then you can parse the directry listing of this folder and show links to the users to downalod or open these files.
Hope this helps.
Maneet, nice answer!
Indeed, you will need to create a login script that authenticates users. The username/passwords can be stored on a text file or database. The passwords should be stored encrypted (on the text file or database).
The directory with the secret files should be password protected (with web server mechanisms).
Additionally, you will need a script that lists the content of the protected file
directory and another one that serves the protected files.
1. Only the scripts have access to the protected directory.
2. The users need not to know about the protected directory.
3. The users see the listing of the protected directory through a script.
4. The protected files are served by a script.
5. The script can be written in ASP.NET, PHP, JSP, Python, etc.