One thing you could do is write a CF page to retrieve the files for the user. That way, they wouldnt know the actual location of the file on the file system. You would then make sure they were logged in before letting them retrieve the file.
Dave On Tue, Jul 28, 2009 at 2:11 PM, Scott Mulholland <[email protected]>wrote: > > I imagine this is a common issue : > > > > Let's say you have bunch of PDFs in a directory: /pdfs and the links to > the > files in the site are behind a login so non-registered users cannot access > them. If a users knew the link to the file: > http://www.mysite.com/pdfs/sample.pdf they could still get to it in the > browser without signing in. Is there any way outside of windows > authentication at the directory level to prevent this? What is the > standard > way of dealing with this (if any)? > > > > Thanks, > > Scott > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:325045 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
