Hi, I have inherited a site which uses a flash ui with a .net 2.0 backend. The implemented login is very simple in that it just compares the username and password given with those in the db and returns true if ok. No session variables are kept. Once in the app, the user now has access to some pdf links. This works great, however, the complaint is that once the user accesses the pdfs the links stay in the browser history and are there for anyone using that computer to see.
I see the only way around this is to keep session state and lock down the folder so only logged on users may access the folder the pdfs reside.
Now, I have limited experience with both iis and .net. Where should I be looking to start here? If I could stop the pdfs opening in the browser via the acrobat plugin that would also solve the problem at this stage. Anyway, any ideas much appreciated. thanks