Mauri:
To restrict access to the ASP application, you can configure IIS
to allow only a certain range of IP addresses. Since the app is aimed
at your company's employees only, you should allow only the IP range
that your company uses. All others will be denied access. I use this
for restricted access to my company's private apps while leaving the
public ASP applications open for all access.
Bryan Ponnwitz
Webmaster - Broome-Tioga Boces
[EMAIL PROTECTED]
(607) 763-3609
>>> Mauri G�mez <[EMAIL PROTECTED]> 07/09/02 06:34AM >>>
Hi all. I have an intranet website programmed in asp which users log in
with
a user and a password stored in a MS-SQL Server table. There I have
private
information of my company stored in pdf format, so when people is
logged in
can read and get this documentation. Till here all is correct.
The problem I ve detected is that if anybody outside of the company
types
the exact url adress in his browser of any pdf document stored in the
website, they can get the document without being logged in. I would
like to
add some kind of permissions to this files, but I think that i cannot
do
this in an asp page...
Any ideas?
Thanks in advance
Mauri
