We have an app with a protected area that just using a basic session check in application.cfm. In the protected area there is a directory of PDFs. No one can access them through the app without logging in. If the person knew the url to the pdf though it would serve since application.cfm would not run to check the session. Is there any quick way to secure these? Maybe with windows authentication? I know we could make a cfm page to look up and serve the file so the link to the pdf is never exposed but these are uploaded via a cms and the link put into the page by the client that would be more of a training exercise to make sure they are using the right link to the pdf, etc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:330647 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4