Is it possible to do Authentication with ASP.NET / C# over IIS ?

[Martin Strojek]

Hi,

I try to solve a problem: Some folder on an IIS Webserver should be
protected with username and password. So I switched off anonymous
access and do Authentication. So far so good. But I want to have a SQL
database with the users which are allowed to login and just ONE System
account who is allowed to login to the protected folder. So what I
want to do is:
Make a login page and check Username and password against the entries
in the sql.
Not the problem but is it possible to do an authentication with the
script with the windows account after successful checking against the
sql user so that the script can send a http header with the file
location?

Step by step:
1. Login page
2. Check login against sql data
3. Store success and show filenames, click on a filename
3. Success -> Authenticate via script with windows user who has access
to the folder which is protected and contains the files.
4. Send header information with the filepath to download

For some suggestions I would be thankful


Regards
Martin Strojek
(e-mail address removed)

 

[John Oakes]

I usually do a binary send to send files to users with permissions. This
way you can store the files in a protected folder that none of the users can
access directly, but your webapp can stream them to users with correct
permissions.

-John Oakes

 

[Martin Strojek]

Thanks for this suggestion, that was
what I tried so far:

Put the files in a folder upper the docroot of the website itself so that
they can't be accessed over HTTP and
read data with System.IO to send them with octed stream over
a download page.

Thought there was another way like the idea I had before in this thread.

But I can live with this one

Thanks & regards

Martin Strojek
(e-mail address removed)