Comments on: Protecting PDF files in IIS 6 using Forms Authentication http://www.chadscharf.com/index.php/2008/04/protecting-pdf-files-in-iis-6-using-forms-authentication/ It's always time to upgrade! Sat, 19 Nov 2011 23:30:40 +0000 hourly 1 http://wordpress.org/?v=3.3 By: Jeremy http://www.chadscharf.com/index.php/2008/04/protecting-pdf-files-in-iis-6-using-forms-authentication/comment-page-1/#comment-2050 Jeremy Sat, 19 Nov 2011 23:30:40 +0000 http://chadscharf.com/post.aspx?id=cb52d8b4-d442-418d-a5d3-d94c4ece3c86#comment-2050 Chad, I forgot to give you more feedback and credit on this. I definitely figured out where to put this and have been using it at work on a few projects. Big help. If I ever meet you in real life, I'll buy you a soda! Here's a little note I made for myself about the whole process (you are credited): http://jcoulson.com/school/forms_auth.html. Chad, I forgot to give you more feedback and credit on this. I definitely figured out where to put this and have been using it at work on a few projects. Big help. If I ever meet you in real life, I’ll buy you a soda! Here’s a little note I made for myself about the whole process (you are credited): http://jcoulson.com/school/forms_auth.html.

]]> By: Chad http://www.chadscharf.com/index.php/2008/04/protecting-pdf-files-in-iis-6-using-forms-authentication/comment-page-1/#comment-2004 Chad Fri, 14 Oct 2011 21:50:56 +0000 http://chadscharf.com/post.aspx?id=cb52d8b4-d442-418d-a5d3-d94c4ece3c86#comment-2004 I never tried it on IIS7, there was never a need for it, although if you wanted to ensure your Application pool is using the Legacy/Classic mode instead of the integrated pipeline mode. I would suggest you skip this workaround all together though and instead block access to the .pdf/content files using your .config file in the new Integrated mode, which IIS will then automatically control security on those files from your web.config without having to code for it. I never tried it on IIS7, there was never a need for it, although if you wanted to ensure your Application pool is using the Legacy/Classic mode instead of the integrated pipeline mode.

I would suggest you skip this workaround all together though and instead block access to the .pdf/content files using your .config file in the new Integrated mode, which IIS will then automatically control security on those files from your web.config without having to code for it.

]]> By: Dan http://www.chadscharf.com/index.php/2008/04/protecting-pdf-files-in-iis-6-using-forms-authentication/comment-page-1/#comment-2003 Dan Fri, 14 Oct 2011 20:58:44 +0000 http://chadscharf.com/post.aspx?id=cb52d8b4-d442-418d-a5d3-d94c4ece3c86#comment-2003 I don't suppose you ever got this to work on IIS 7... Any hints? I don’t suppose you ever got this to work on IIS 7…

Any hints?

]]> By: Chad http://www.chadscharf.com/index.php/2008/04/protecting-pdf-files-in-iis-6-using-forms-authentication/comment-page-1/#comment-1942 Chad Mon, 05 Sep 2011 07:25:23 +0000 http://chadscharf.com/post.aspx?id=cb52d8b4-d442-418d-a5d3-d94c4ece3c86#comment-1942 You want to stick that IHttpHandler class in a .cs file in your App_Code directory for the site, so it gets built into the site DLL. You could also create a seperate class library for this handler and reference that project in your website through the add reference dialog, then update the web.config entry to match that project's DLL name and any namespace you give the handler. You want to stick that IHttpHandler class in a .cs file in your App_Code directory for the site, so it gets built into the site DLL. You could also create a seperate class library for this handler and reference that project in your website through the add reference dialog, then update the web.config entry to match that project’s DLL name and any namespace you give the handler.

]]> By: Jeremy http://www.chadscharf.com/index.php/2008/04/protecting-pdf-files-in-iis-6-using-forms-authentication/comment-page-1/#comment-1938 Jeremy Fri, 02 Sep 2011 14:48:16 +0000 http://chadscharf.com/post.aspx?id=cb52d8b4-d442-418d-a5d3-d94c4ece3c86#comment-1938 Hey, this looks like it might be the key! I've been trying to solve this for months. I'm not a very experienced programmer, though. Where does that IHttpHandler go in my application? http://www.co.frederick.va.us/dev/pdfprotector That's an example. Any ideas? I'm drowning. Thanks. Hey, this looks like it might be the key! I’ve been trying to solve this for months. I’m not a very experienced programmer, though. Where does that IHttpHandler go in my application?

http://www.co.frederick.va.us/dev/pdfprotector

That’s an example.

Any ideas? I’m drowning. Thanks.

]]> By: Taliesin http://www.chadscharf.com/index.php/2008/04/protecting-pdf-files-in-iis-6-using-forms-authentication/comment-page-1/#comment-489 Taliesin Fri, 19 Mar 2010 09:46:00 +0000 http://chadscharf.com/post.aspx?id=cb52d8b4-d442-418d-a5d3-d94c4ece3c86#comment-489 If you want to apply authorization, for pdf files. Check out this handler: http://code.google.com/p/talifun-web/wiki/RegexUrlAuthorizationModule It provides authorization on all urls that match a regular expression. It also allows you to apply any authorization that is supported by .net web.config files. Serving content from an http handler can be a tricky business, especially pdf files. Adobe Reader in "Allow fast web view" mode starts downloading a pdf and soon as it has enough bytes to display the first page it aborts the connection to the web server, and displays the first page. Then it makes a "multipart/byteranges" request to retrieve the rest of the document. This is what causes most download scripts to fail when serving pdf content. If you are looking for an http handler that will serve static files in a cached, compressed and resumable manner. Check out http://code.google.com/p/talifun-web/wiki/StaticFileHandler If you want to apply authorization, for pdf files.

Check out this handler:
http://code.google.com/p/talifun-web/wiki/RegexUrlAuthorizationModule

It provides authorization on all urls that match a regular expression. It also allows you to apply any authorization that is supported by .net web.config files.

Serving content from an http handler can be a tricky business, especially pdf files. Adobe Reader in “Allow fast web view” mode starts downloading a pdf and soon as it has enough bytes to display the first page it aborts the connection to the web server, and displays the first page. Then it makes a “multipart/byteranges” request to retrieve the rest of the document. This is what causes most download scripts to fail when serving pdf content.

If you are looking for an http handler that will serve static files in a cached, compressed and resumable manner.

Check out
http://code.google.com/p/talifun-web/wiki/StaticFileHandler

]]> By: Aaron http://www.chadscharf.com/index.php/2008/04/protecting-pdf-files-in-iis-6-using-forms-authentication/comment-page-1/#comment-260 Aaron Thu, 15 Oct 2009 22:02:38 +0000 http://chadscharf.com/post.aspx?id=cb52d8b4-d442-418d-a5d3-d94c4ece3c86#comment-260 Great! It was very helpful. Great! It was very helpful.

]]> By: Ruble http://www.chadscharf.com/index.php/2008/04/protecting-pdf-files-in-iis-6-using-forms-authentication/comment-page-1/#comment-173 Ruble Mon, 14 Sep 2009 17:16:51 +0000 http://chadscharf.com/post.aspx?id=cb52d8b4-d442-418d-a5d3-d94c4ece3c86#comment-173 This was very helpful for us. Thanks to your post we could solve a big problem of some one accessing our pdf's Thank you so very much. This was very helpful for us.
Thanks to your post we could solve a big problem of some one accessing our pdf’s
Thank you so very much.

]]> By: Kathy http://www.chadscharf.com/index.php/2008/04/protecting-pdf-files-in-iis-6-using-forms-authentication/comment-page-1/#comment-84 Kathy Fri, 31 Jul 2009 20:36:20 +0000 http://chadscharf.com/post.aspx?id=cb52d8b4-d442-418d-a5d3-d94c4ece3c86#comment-84 Your article was fabulous, well described and easy to follow. thanks for contributing to Tech community. Regards, kathy Your article was fabulous, well described and easy to follow.
thanks for contributing to Tech community.

Regards,
kathy

]]>