How to protect user based folder and files in asp.net core 2.1 project
I have a folder named archive in my project and have a separate folder for each user. Sample folder structure:
Archive(Folder) => User1(Folder) => other folders => files
Archive(Folder) => User2(Folder) => other folders => files ...
I don't want a user to access other users' folders and files. I also want to prevent users who are not logged in from accessing the archive folder and its contents.
How can I do that?
.net-core asp.net-core-mvc protected-folders
edited Jan 4 at 19:02
Llazar
asked Jan 4 at 7:48
Yücel Aydın
1
Do you mean you want permissions on the file system / operating system layer? Or do you just want to set up permissions within the application layer?
– Svek
Jan 4 at 9:51
2 Answers
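For static file authorization, you could refer to Static file authorization.
For another option, you could write your own middleware to check the identity before app.UseStaticFiles();

    // Requires: using Microsoft.AspNetCore.Http; (for StatusCodes)
    // Register after app.UseAuthentication() and before app.UseStaticFiles().
    // app.Use replaces app.Map here: a Map branch strips "/Archive" from
    // Request.Path and never rejoins the pipeline, so UseStaticFiles would not run.
    app.Use(async (context, next) =>
    {
        if (context.Request.Path.StartsWithSegments("/Archive"))
        {
            if (!context.User.Identity.IsAuthenticated)
            {
                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                return;
            }
            if (context.Request.Path.StartsWithSegments("/Archive/User1") && context.User.Identity.Name != "User1")
            {
                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                return;
            }
        }
        // Checks passed, or the request is not for /Archive: continue to static files.
        await next();
    });
    app.UseStaticFiles();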
answered Jan 7 at 6:13
Tao Zhou
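The per-user check from the answer above, generalized from the hard-coded "User1" to whichever user is signed in. This is an added example, not code from the original answer or from ASP.NET Core: UserArchiveExtensions, UseUserArchive and archiveRoot are hypothetical names, and it assumes each folder is named exactly like User.Identity.Name and that a default authentication challenge scheme is configured.

```csharp
using System;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.FileProviders;

public static class UserArchiveExtensions
{
    // Hypothetical helper, not a framework API. Call it in Startup.Configure after
    // app.UseAuthentication(). archiveRoot must be an absolute path, ideally outside
    // wwwroot so that a plain app.UseStaticFiles() can never serve the archive.
    public static IApplicationBuilder UseUserArchive(this IApplicationBuilder app, string archiveRoot)
    {
        app.Use(async (context, next) =>
        {
            // Guard only /Archive/...; 'rest' is the path after that prefix.
            if (!context.Request.Path.StartsWithSegments("/Archive", out PathString rest))
            {
                await next();
                return;
            }
            if (!context.User.Identity.IsAuthenticated)
            {
                // Assumes a default challenge scheme (login redirect or 401).
                await context.ChallengeAsync();
                return;
            }
            // Assumption: each folder is named exactly like User.Identity.Name.
            string name = context.User.Identity.Name;
            // Defense in depth: refuse ".." segments instead of trusting the host
            // to have collapsed them before this middleware runs.
            bool dotDot = Array.IndexOf((rest.Value ?? "").Split('/', '\\'), "..") >= 0;
            if (string.IsNullOrEmpty(name) || dotDot
                || !rest.StartsWithSegments(new PathString("/" + name)))
            {
                context.Response.StatusCode = StatusCodes.Status403Forbidden;
                return;
            }
            await next();
        });

        // Serves archiveRoot/<user>/... at /Archive/<user>/... after the check passes.
        return app.UseStaticFiles(new StaticFileOptions
        {
            FileProvider = new PhysicalFileProvider(archiveRoot),
            RequestPath = "/Archive"
        });
    }
}
```

StartsWithSegments compares whole path segments, so User1 cannot reach /Archive/User10/...; the comparison is case-insensitive by default.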
Creating permissions (file / folder level ownership) on the operating system level can be cumbersome. If you decide to make this on the OS level, you need your users to be domain authenticated / Windows authenticated (hence you need to use Windows or Active Directory Authentication).
Then you can easily give ownership of specified files / folders and they cannot be reached by anyone else (other non-administrator users).
On the other hand, you may decide to create this mechanism on the application layer. In this case you only need to impersonate your application with an elevated user so that you can create files / folders. After that you need to create a mechanism on the application level for identifying which users have access to where (folders). For this, I myself choose to use a cached database table.
answered Jan 4 at 19:14
Derviş Kayımbaşıoğlu