 |  |  |  |  |  |  |  |
Security & Access Control in Classical ASP
Please support our C# advertiser: Intel Parallel Studio Home
 |
Hi All,
I have a typical problem. We have established product developed in ASP. Now I want to add security and access cotrol to upload directory and files. I could not find anything that can help me to write code in ASP. But in ASP.net C# and C++ there is lot. By comparison, I wrote in ASP something like this:
Public Sub AllowAccess(FullPath, UserNameForFullAccess, Access_Mask)
Dim oFileSecurity, oFile
oFile = oFile.FileInfo(FullPath)
oFileSecurity = oFile.GetAccessControl()
if (len(trim(UserNameForFullAccess)) > 1 ) then
if (len(Access_Mask)>1) then
select case Access_Mask
case GENERIC_ALL
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
case GENERIC_EXECUTE
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.ReadAndExecute, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
case GENERIC_READ
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.Read, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
case GENERIC_WRITE
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.Read, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.Write, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
case FILE_ACCESS_ALL
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
case MAXIMUM_ALLOWED
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
end select
end if
end if
oFile = Nothing
oFileSecurity = Nothing
End Sub
Public Sub RevokeAccess(FullPath, UserNameForDeniedAccess)
Dim oFileSecurity, oFile
oFile = FileInfo(FullPath)
oFileSecurity = oFile.GetAccessControl()
if (len(trim(UserNameForDeniedAccess)) > "") then
oFileSecurity.RemoveAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForDeniedAccess, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
End if
oFile = Nothing
oFileSecurity = Nothing
End Sub
This code fulfills my need but problem is this does not work in ASP. Can somebody help me how can I achieve this in ASP?
Nitin Rajurkar
I have a typical problem. We have established product developed in ASP. Now I want to add security and access cotrol to upload directory and files. I could not find anything that can help me to write code in ASP. But in ASP.net C# and C++ there is lot. By comparison, I wrote in ASP something like this:
Public Sub AllowAccess(FullPath, UserNameForFullAccess, Access_Mask)
Dim oFileSecurity, oFile
oFile = oFile.FileInfo(FullPath)
oFileSecurity = oFile.GetAccessControl()
if (len(trim(UserNameForFullAccess)) > 1 ) then
if (len(Access_Mask)>1) then
select case Access_Mask
case GENERIC_ALL
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
case GENERIC_EXECUTE
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.ReadAndExecute, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
case GENERIC_READ
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.Read, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
case GENERIC_WRITE
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.Read, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.Write, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
case FILE_ACCESS_ALL
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
case MAXIMUM_ALLOWED
oFileSecurity.AddAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForFullAccess, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
end select
end if
end if
oFile = Nothing
oFileSecurity = Nothing
End Sub
Public Sub RevokeAccess(FullPath, UserNameForDeniedAccess)
Dim oFileSecurity, oFile
oFile = FileInfo(FullPath)
oFileSecurity = oFile.GetAccessControl()
if (len(trim(UserNameForDeniedAccess)) > "") then
oFileSecurity.RemoveAccessRule(New System.Security.AccessControl.FileSystemAccessRule(UserNameForDeniedAccess, System.Security.AccessControl.FileSystemRights.FullControl, System.Security.AccessControl.AccessControlType.Allow))
oFile.SetAccessControl(oFileSecurity)
End if
oFile = Nothing
oFileSecurity = Nothing
End Sub
This code fulfills my need but problem is this does not work in ASP. Can somebody help me how can I achieve this in ASP?
Nitin Rajurkar
-7
#2 Oct 15th, 2009
I take it you are using IIS?
If i am helpful, please give me reputation points.
0
#3 Oct 16th, 2009
Hi Jbennet,
You are right. I am using IIS and Internet Explorer 6.0 and above. I created ActiveX and accessing these through it.
Any simple solution you have?
Nitin
You are right. I am using IIS and Internet Explorer 6.0 and above. I created ActiveX and accessing these through it.
Any simple solution you have?
Nitin
|
Similar Threads
- ASP + Microsoft OLE DB Provider for SQL Server error '80004005' (ASP)
- Unable to access control panel (Viruses, Spyware and other Nasties)
- Asp.net Page access Control (ASP.NET)
- Was able to get rid of gomyhit.com, but now I don't have access to Control Panel. (Viruses, Spyware and other Nasties)
- Cannot Access Control Panel (Windows NT / 2000 / XP)
- Can't access control panel at all (Viruses, Spyware and other Nasties)
- cant access Control panel, and display properties (Viruses, Spyware and other Nasties)
- cant access control panel (Viruses, Spyware and other Nasties)
- Access to control panel (VB.NET)
Other Threads in the C# Forum
- Previous Thread: Debug Error
- Next Thread: A tcp ip client using C#
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest C# Posts
- Today's Posts
- Unanswered Threads
access adobe antivirus apple attack blackhat botnet browser business c# cellphone conficker conspiticy control crime cybercrime daniweb data database dataloss debian development dns domains email encryption exploit facebook files firefox fraud gmail google government hack hacker hacking hardware idtheft information internet iphone kaspersky linux mac macosx malware mcafee mckinnon microsoft mobile mozilla nasa news obama os password patch paypal pentagon phishing php politics privacy redhat report research sans scam search security software softwaredevelopment spam spyware sql strider survey symantec terrorism trends trojan twitter typo-squatting uk usb users vb.net virus vista vulnerability warning web webmail website windows windows7 worm xp zeroday
