I have a site that contains a media folder stuffed with Very Important Secret Documents.
I can restrict access to the pages these media items are displayed on using member roles, but how can I prevent someone from accessing a media file if they just use the URL? E.g.
Silly me. Getting the file to generate a save as dialog box using a .Net control would hide the link location. I think I need to drink more coffee today.
You could also route all requests through the .NET engine (including *.doc) and perform authentication checks yourself. This would add the security you require.
You could use a different approach, which I've done in the past for a few projects (pm4umbraco). It obfuscates the path to your media item (media is stored on a virtual location). Folders can be protected on member group level as well.
I'll probably go with Chris's idea on this one, as I can't see a recommended releas for pm4umbraco, but I'll definately bookmark that for a later date.
Restricting Access to the media folder.
Hi
I have a site that contains a media folder stuffed with Very Important Secret Documents.
I can restrict access to the pages these media items are displayed on using member roles, but how can I prevent someone from accessing a media file if they just use the URL? E.g.
http://mysite/media/whathappenedatarea51.doc
I see there was some discussion about this a few years ago, but wondered if there's a new solution. I'm using Umbraco V4.
The original discussion is below.
http://forum.umbraco.org/yaf_postst4062_Access-restrictions-on-media-files.aspx
Silly me. Getting the file to generate a save as dialog box using a .Net control would hide the link location. I think I need to drink more coffee today.
You could also route all requests through the .NET engine (including *.doc) and perform authentication checks yourself. This would add the security you require.
Hi Chris. Do you mean using wildcard application mappings in IIS? I'm not sure if I've understood you properly.
Yep, pretty much. I'd take the same approach in the old post. Probably there's a nicer way to stream the file in .NET 3.5.
Shaun,
You could use a different approach, which I've done in the past for a few projects (pm4umbraco). It obfuscates the path to your media item (media is stored on a virtual location). Folders can be protected on member group level as well.
Cheers,
/Dirk
Thanks guys.
I'll probably go with Chris's idea on this one, as I can't see a recommended releas for pm4umbraco, but I'll definately bookmark that for a later date.
is working on a reply...