Securing executables on the Web -- iis security

Amanda
2/20/2004 1:29:56 PM

I maintain a web site in which users must log into to
recieve the information provided. There are literally
hundreds of downloads available on the site and I need to
secure them. User's cannot get to the Web page that these
executables are displayed on without logging in; however,
if a user knew the path and name of the executable he
would be able to download it.

Is there a way to secure these executables to allow only
authenicated users of the site to download them.

Tom Kaminski [MVP]
2/20/2004 4:51:45 PM

[quoted text, click to view]

Place the files outside wwwroot and use ADODB.Stream and
Response.BinaryWrite on an ASP to "stream" them to an authenticated user:
http://support.microsoft.com/?kbid=276488

This might help with your authentication:
http://www.aspfaq.com/show.asp?id=2114

--
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserver2003/community/centers/iis/

iis security : Securing executables on the Web