Last post Feb 21, 2014 09:34 AM by francesco abbruzzese
Feb 21, 2014 03:24 AM|AhrimanSefid|LINK
Me Need Help In Add Authenticate with a User Name and Password in folder in host not acess to edit iis.
read all user & pass in db (sqlserver).
Feb 21, 2014 09:26 AM|Perkinsville|LINK
You might consider implementing Windows Authentication that uses either NTLM or Kerberos.
Then the client credentials can be applied to the access rights given on a folder.
You need to also check the identity of the application pool.
Don't store passwords on a database in clear text, IMO:
Feb 21, 2014 09:34 AM|francesco abbruzzese|LINK
In addition to Perkinsville once you have chosen windows authentication, the best way to proceed is to make the asp.net impersonate the user not for all request but just for
executing the piece of code that access the file. This can be done creating an impersonation context:
using (WindowsImpersonationContext impersonatedUser = (User.Identity as System.Security.Principal.WindowsIdentity).Impersonate())
//Access your file and/or folders here