How to secure xml files in a website.

views:

answers:

How to secure xml files in a website.

Hi,

I'm creating an application that is able to generate xml licenses. The application is secured by forms authentication. Now the problem is that if I create a physical xml file that file can be downloaded even with the security enabled.

How would you guys secure this license file?

+2 A:

You could put it in the App_Data folder.

Darin Dimitrov 2009-11-19 09:52:39

Yes, best option.

Henk Holterman 2009-11-19 10:03:39

it should still be accessable for the authenticated users though

Sem Dendoncker 2009-11-19 12:54:38

Then you could write a custom http handler that serves this file to authenticated users by checking the `context.User.Identity.IsAuthenticated` property first.

Darin Dimitrov 2009-11-19 14:05:58

Use encryption in your XML file?

Ben Fransen 2009-11-19 09:53:11

+1 A:

Don't know about asp.net, generally though, I'd just create the file someplace in the filesystem which is not accessible through the web, and if needed, relay it through your application, previously checking authentication...

x3ro 2009-11-19 09:54:36

ansaurus

tags:

views:

answers:

How to secure xml files in a website.

related questions