I'm creating a website which besides other tasks will play some recorded files. these recorded files are on a remote server with private ip address, so I've created a virtual directory which points to a share directory on the mentioned server.
now I'm able to playback the files using client side controls like wmplayer. BUT the problem is sound file urls are accessible without any authentication and authorization.
is there anyway to enforce .net authorization and authentication (in web.config) on this virtual directory? I also should mention I can not use solutions like httphandlers to download the files because file are streamed using iis so user could navigate on the file without downloading all of it)
thanx
Open IIS (I suppose you use IIS7.0 or later). Find the mentioned virtual directory and click on it. In the listed features find Authentication, right click on it and press Open Feature. Then disable anonymous authentication for this folder. Does the problem persist?
Related
I have an asp.net application which does the following: loads data about audio files (file name, path and so on) from DB and shows them in table on the page. Application uses windows authentication (this cannot be changed).
I've added html 5 audio controls to my table cells so that users could play audio files without downloading them - actually, I don't want them to be able to download files at all.
Audio files come from two network-shared directories - one is accessible by all domain users, the second one is accessible only to specific user. Audio control requires the src to be a relative url - ok, fine, so I went to IIS manager and created two virtual directories under my application. For the second, highly protected directory, I'd set credentials which should have helped my application to access files.
Result seems quite strange to me: users see audio files from the first (accessible) directory preloaded and can play them; users cannot preload and cannot play files from the second directory with preset credentials.
Problem is definitely not in the audio src itself - it is well-formed. Seems like IIS is trying to access data in the second virtual directory under credentials of current domain user and not the one, whose login and password were set on folder setup.
Is there any way to overcome this problem? Unfortunately, granting access to this directory to all users is not a chance. Changing app pool identity to that same specific user also gave no results. App users and user account for the second folder are all in the same domain.
IIS access file via application pool identity not login user. So when you are running an application with network share directory, please change the app pool identity to a domain user that have permission to access both. Then you can restrict login user permission via authorization rule.
i have a asp.net website
i have some files swf files that i want to prevent downloading them
is there a solution that the IIS can have a passord for downloading the file swf file and i can provide this password in some situations on the server that i can pass this password in the code
so that the swf file can be viewed from my page only as provide the password
but no one can download it using download managers
or any other http request that request this swf file
Don't put the swf file under your web root. Put it somewhere else like C:\Inetpub\assets. Then use a .NET page or handler to provide the file upon request.
http://yoursite.com?GetAsset.ashx?filename=whatever.swf
Then the request will be part of the same session as the rest of your application and you can validate that the user is really allowed to download the swf.
You can configure IIS Authorization, to allow only authenticated user to access your resouces:
http://learn.iis.net/page.aspx/142/understanding-iis-70-url-authorization/
can you create ftp accounts on your server ? if yes , create a folder only accessible with the credentials you set then put the swf files in it ( i guess you are using a distant IIS server ).
Your hosting service may provide an admin interface were you can set some ftp accounts.
The user will have to access your files with a ftp client application.
there is something named Mine Types. If you add a Mime Type and set an extension like .swf to that you allow client to download and see all .swf files of the server. just go to Mime types tool of IIS and remove ones that you want to prevent downloading.
I have a file uploading and viewing page in ASP.Net 1.1 using VB. Now the page will be visible in intranet as well internet. Here in my case the intranet and internet servers are different. How can i save the uploaded file in the intranet server and view from there subsequently when the activity is done using the internet server?
I'd suggest that you have both instances of the application (intranet and internet) save their uploaded files to a common location. I'm going to assume, given that you're targeting .net 1.1 that you're probably looking for a solution/directions for IIS 6.0 or below, rather than the 7.x that comes with Vista/Server 2008.
You need to firstly decide where you're going to store the uploaded files, it could be on the Intranet server, the Internet server or a 3rd "filestore" server. Having done that, you can map that location to a commonly named Virtual Directory on each of your two web servers as follows:
Start "Internet Information Services (IIS) Manager" (Start > Control Panel > Administrative Tools)
Expand the "Web Sites" node and find the virtual directory for your application
Right click on the virtual directory and choose "New" > "Virtual Directory..."
In the wizard that appears, give the folder alias as something like SharedUploadFiles
Specify the path in the next step as something like \\192.168.100.1\SharedUploadFilesStore (i.e. wherever you've chosen to store the files
The next step will require security credentials. Set these as a username and password that has read/write access (as appropriate) to the share you've specified in step 5.
In the "Virtual Directory Access Permissions" step set the permissions as appropriate, click Next and then Finish.
Your application will now be able to access files in that share as if they were part of your web servers file system. So, if you had a file located at \\192.168.100.1\SharedUploadFilesStore\sample.txt, you would then be able to access it through both:
http://internetdomain.name/MyWebAppName/SharedUploadFiles/sample.txt
and
http://intranet.mycompany.local/MyWebAppName/SharedUploadFiles/sample.txt
My knowledge of how to solve any issues you encounter whilst configuring this isn't that deep, and you'd probably get a better answer at http://www.serverfault.com/ as whilst your question is a programming one, the answer I've given isn't a programmatic solution (not that it always has to be! =)
I have ASP.NET project which do some file access and manipulation, the methods which I use for file access are below. Now I need to access files on another server shared folder, how to do that? I easily can change file path to shared folder path but I get "can't access" error because shares are password protected.
As I understand I need somehow to send credentials to remote server before executing methods below. How to do that?
FileStream("c:\MyProj\file.doc", FileMode.OpenOrCreate, FileAccess.Write)
Context.Response.TransmitFile("c:\MyProj\file.doc");
Regards,
Tomas
An ASP.NET application (by default) will execute in IIS6 under the "ASPNET" computer account. You therefore have a couple of options:
Configure your ASPNET application to run under a (weak) domain account with permissions to access the remote computer's share
Set the permissions on the share to enable access to "Everybody" (not recommended)
Disable Forms authentication and use Windows authentication in your ASP.NET app. Turn off impersonation in web.config and IIS should pass the credentials of the user who is currently using your web application through to the underlying share (I think).
The latter option is only useful, of course, if your users all have domain accounts on your intranet, for instance. I'll continue to look around for ways to add credentials but I'm not sure off the top of my head if that's possible.
HTH,
Richard.
I am using a 3rd party component which creates settings files based on hard-coded file paths i.e. they are compiled into the DLL e.g.
%APPDATA%\Vendor\Settings.ini
I have created a few console/service applications that use this and work very well. However, I am now trying to use a similar approach via my ASP.NET MVC web application and the settings file never seems to write out!
Usually if the application is running under my acconut for example the file would be written to somewhere like:
C:\Documents and Settings\James\Application Data\Vendor\Settings.ini
So I thought if the website AppPool was running under the same account the file would be saved to the same place....However, it never appears. The account is an admin account running under Windows server 2003.
Any ideas?
Thanks.
Have you checked to see if the settings file is created in the App_Data folder in the web application? If not, could you put an existing settings file there and see if it uses it?
It's not about the webpool account, it's about guest user's account.
Go to the properties of your site in IIS, Directory Security and in the anonymous access click on the Edit button, there you'll see wich account is been used when someone access your site.
Couldn't find a solution to this, so I decided to develop a local WCF service (which would create the settings file in the correct directory path) and just accessed it via my web application.