To get around the direct linking problem us a CFCONTENT
approach, then build your links dynamically to pull your
content. That way should somebody try and you have error
checking built it would check the URL realize that they
don't have what ever is needed and bounce the user back to
where ever in your site they need to go. By just making
them log in and then giving them direct link access to your
images I think you may be opening your self to other holes
besides just them linking back to images. Hope this makes
sense, it's late and I am tired, but you might make some
sense of it. =)
Bill K.
> -----Original Message-----
> From: Jason E Miller [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, March 17, 2001 11:37 PM
> To: CF-Talk
> Subject: File/Image Security
>
>
> Does anyone have a good suggestion for a way to
> secure Files / Images on
> remote cluster servers - currently the web
> servers authenticate the users
> against a DB then drop a cookie to decide what
> areas of the website they
> users are allowed access to. The images and files
> that make up other areas
> of the site are on a separate machine only
> serving Files / Images and if a
> users was aware enough they could hot link back
> to the files / images after
> the fact or share the link externally.
> I would like to avoid having to use NT
> authentication to protect the file
> directorys or making the user log in more than once.
> Thanks for any suggestions
> Win 2K SP1 , CF 4.5.1.SP2
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
