Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Jeroen Breuer 4909 posts 12266 karma points MVP 5x admin c-trib
    Jun 07, 2010 @ 17:00
    Jeroen Breuer
    0

    Protected media in intranet

    Hello,

    I'm using Umbraco to create an Intranet. I use the media section for users to upload files which members of the intranet can view. The problem I've got now is that I only want to view the media to members who are logged in. Currently the media can be downloaded by directly going to the url. I know the protected media package might help, but it doesn´t work well for media which is already uploaded. I think my best solution is to create a custom http handler which checks if a member is logged in before the file is processed. This check should be done for everything in the media section. Is this a good solution or are there better suggestions?

    Jeroen

    Copy Link
  • Richard Soeteman 4052 posts 12925 karma points MVP 2x
    Jun 07, 2010 @ 17:07
    Richard Soeteman
    0

    Hi Jeroen,

    Are you using IS7? If So maybe create a custom HTTP Handler that you configure in IIS7 so it gets triggered when you try to request the media and add logic for the security check in that handler?

    Cheers,

    Richard

    Copy Link
  • Jeroen Breuer 4909 posts 12266 karma points MVP 5x admin c-trib
    Jun 08, 2010 @ 08:46
    Jeroen Breuer
    0

    We're using IIS6. Is there a way to just secure the entire media folder in Umbraco? Can I write a httpHandler which can catch all the files? I got the following example from a colleague:

    Web.config:

    1.    <add verb="GET" path="*.pdf"
type="Extensions.BusinessLogic.PdfHandler"
validate="false" />

    Does *.* for the path also works or will this cause other problems?

    Jeroen

    Copy Link
Please Sign in or register to post replies

Write your reply to:

Draft