Rank: Newbie Groups: Member
Joined: 8/12/2009 Posts: 2
|
Hi,
I'm interested in the Upload component; however, I just have a permission-related question.
In classic ASP I use the Persits ASPUpload component and it has a "LogonAs" method which makes it VERY easy to impersonate a specific user account whilst uploading files. This makes the job of securing files very easy to accomplish.
Does the EO Upload control have a similar option for impersonating Windows accounts with elevated permissions?
Thanks, Mark
|
|
Rank: Administration Groups: Administration
Joined: 5/27/2007 Posts: 24,194
|
Hi,
Unfortunately it does not. However, because the uploader always uploads to a temp directory first, you can set permissions on the temp directory used by the uploader (AJAXUploader.TempFileLocation) to fine-tune the permissions.
Thanks!
|
|
Rank: Newbie Groups: Member
Joined: 8/12/2009 Posts: 2
|
Thanks for the reply, however I don't understand how that would help.
Write permissions would be required on the temp folder (which is fine), but then the destination folder would still require write permissions for the ASP.NET account, to be able to save the file there.
If the ASP.NET account has write permissions, then the files are not secure and can be downloaded by anyone.
Or am I not understanding you properly?
Thanks, Mark
|
|
Rank: Administration Groups: Administration
Joined: 5/27/2007 Posts: 24,194
|
Hi,
Not exactly. Having write permission does not mean the user will be able to download files. You can grant NT write permission to the folder (so that the uploader will work) but remove IIS read permission on the same folder (in IIS Manager, right-click the folder, then select Properties, then clear both read and write on the Directory tab). That way your code will be able to write the file but the user will not be able to read the file through IIS.
Another approach is to use an absolute path to point your file folders outside of your application. For example, if your application is inside "c:\wwwroot\yourapp", you can set the file path to "c:\tempfiles". This way your app can access the file fine because it's running on the same server, but the user will not be able to download it because it is outside of your application's root directory.
Thanks!
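
The second approach in the reply above, sketched as an added example (not code from the forum or from the EO library): a helper that moves a file out of the uploader's temp directory into a store outside the application root and refuses to run if the store would be reachable through IIS. `UploadStore`, `SaveOutsideWebRoot` and `StoreRoot` are hypothetical names, and the `c:\tempfiles` value is taken from the reply.

```csharp
using System;
using System.IO;

public static class UploadStore
{
    // Assumed store location outside the application root (from the reply above).
    private const string StoreRoot = @"c:\tempfiles";

    // tempFilePath:   file the uploader already wrote to its temp directory.
    // clientFileName: name supplied by the browser; treated as untrusted.
    // appRoot:        physical application root, e.g. Server.MapPath("~").
    public static string SaveOutsideWebRoot(string tempFilePath, string clientFileName, string appRoot)
    {
        string store = WithSeparator(Path.GetFullPath(StoreRoot));
        string app = WithSeparator(Path.GetFullPath(appRoot));

        // If the store sits under the application root, IIS could serve it directly.
        if (store.StartsWith(app, StringComparison.OrdinalIgnoreCase))
            throw new InvalidOperationException("Store must be outside the application root.");

        // Keep only the extension of the client name; the stored name is generated
        // on the server, so a crafted name cannot steer the destination path.
        string ext = Path.GetExtension(Path.GetFileName(clientFileName));
        string target = Path.GetFullPath(Path.Combine(store, Guid.NewGuid().ToString("N") + ext));

        // Defence in depth: the resolved path must still be inside the store.
        if (!target.StartsWith(store, StringComparison.OrdinalIgnoreCase))
            throw new InvalidOperationException("Resolved path escapes the store.");

        Directory.CreateDirectory(store);
        File.Move(tempFilePath, target);
        return target;
    }

    // Appends a trailing separator so "c:\tempfiles" does not prefix-match "c:\tempfiles2".
    private static string WithSeparator(string path)
    {
        string sep = Path.DirectorySeparatorChar.ToString();
        return path.EndsWith(sep) ? path : path + sep;
    }
}
```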