No, users will not need access to the web sever the files are hosted on. Requirements: A simple, drag-n-drop solution for adding/removing binary files from a web server. Some of these files should be accessible on the web server by direct URL; others should not.
On 8 Apr 2011, at 17:08, [email protected] wrote: > You need both local user access and remote access? > > Sent from my HTC on the Now Network from Sprint! > > ----- Reply message ----- > From: "Wade Preston Shearer" <[email protected]> > Date: Fri, Apr 8, 2011 16:33 > Subject: [UPHPU] restricting access to assets on a public server > To: "Utah PHP Users Group Discuss" <[email protected]> > > I have a lot of non-technical people that need to get media assets onto a web > server (PDFs, spreadsheets, videos, images, etc). I don't want to have to > deploy it for them and I don't want the content on the same server that our > content management system is running on. > > My plan thus far consists of creating a local SMB share for them to mount on > their desktops. They can then manage (drag-n-drop) files to and from this. A > cron job will rsync these files up to a web server every ten minutes. I've > done this before and it works well. > > The obstacle that I have run into this time however is that some of the > content will need to be protected. Certain assets can be accessed by anyone > that has the URL but others will need to require that the user be > authenticated. The way I usually restrict access to a file is by putting it > on the server outside of web root and then streaming it down to the browser > through a script. The script can verify that the user is authenticated. This > doesn't work though if the assets are on a separate server. > > The only thing I have thought of thus far is putting the assets outside of > web root on the other server and reading them via a web service that requires > authentication. The service would authenticate, read the file, and stream the > bytes over to the requesting server where it would then stream it out to the > browser (forced header download). > > Good solution? Any better ideas? > > _______________________________________________ > > UPHPU mailing list > [email protected] > http://uphpu.org/mailman/listinfo/uphpu > IRC: #uphpu on irc.freenode.net _______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
