Drop box could work. Everyone shares the account, make two folders in out. Public and Private. Then on a dedicated box run a cron to sync the two sets of assets to their respective places on the web server. Then use the normal simple auth script to validate and stream. On Apr 8, 2011 5:28 PM, "Wade Preston Shearer" <[email protected]> wrote: > No, users will not need access to the web sever the files are hosted on. > > Requirements: A simple, drag-n-drop solution for adding/removing binary files from a web server. Some of these files should be accessible on the web server by direct URL; others should not. > > > On 8 Apr 2011, at 17:08, [email protected] wrote: > >> You need both local user access and remote access? >> >> Sent from my HTC on the Now Network from Sprint! >> >> ----- Reply message ----- >> From: "Wade Preston Shearer" <[email protected]> >> Date: Fri, Apr 8, 2011 16:33 >> Subject: [UPHPU] restricting access to assets on a public server >> To: "Utah PHP Users Group Discuss" <[email protected]> >> >> I have a lot of non-technical people that need to get media assets onto a web server (PDFs, spreadsheets, videos, images, etc). I don't want to have to deploy it for them and I don't want the content on the same server that our content management system is running on. >> >> My plan thus far consists of creating a local SMB share for them to mount on their desktops. They can then manage (drag-n-drop) files to and from this. A cron job will rsync these files up to a web server every ten minutes. I've done this before and it works well. >> >> The obstacle that I have run into this time however is that some of the content will need to be protected. Certain assets can be accessed by anyone that has the URL but others will need to require that the user be authenticated. The way I usually restrict access to a file is by putting it on the server outside of web root and then streaming it down to the browser through a script. The script can verify that the user is authenticated. This doesn't work though if the assets are on a separate server. >> >> The only thing I have thought of thus far is putting the assets outside of web root on the other server and reading them via a web service that requires authentication. The service would authenticate, read the file, and stream the bytes over to the requesting server where it would then stream it out to the browser (forced header download). >> >> Good solution? Any better ideas? >> >> _______________________________________________ >> >> UPHPU mailing list >> [email protected] >> http://uphpu.org/mailman/listinfo/uphpu >> IRC: #uphpu on irc.freenode.net > > > _______________________________________________ > > UPHPU mailing list > [email protected] > http://uphpu.org/mailman/listinfo/uphpu > IRC: #uphpu on irc.freenode.net
_______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
