ForceField.NET Web Edition
ForceField.NET Web Edition is aimed to restrict
unauthorized access to files published on a web server. It
is based on our ForceField.NET component, which could be used to
implement security subsystem for nearly any database driven
.NET application. You can use ForceField.NET Web Edition as
a primer on ForceField.NET's capabilities and ideology.
1. Protect files in minutes!
You need to protect files on ASP.NET-based web site from
unauthorized access, but do not want to use standard
Windows security? Now you can easily do it with
ForceField.NET Web Edition. ForceField.NET Web
Edition
stores users' data and ACL's in a database so MS SQL Server
is required. If you do not have one you can use this link to download MSDE—free version of SQL Server.
ForceField.NET Web Edition setup automatically creates
tables for storing information about users and protected
files and folders. It also adds necessary sections to the
web.config file of a specified ASP.NET application. After
the installation you should use the web interface to create users
and set up permissions.
Please check out the demo
version of the ForceField.NET Web
Edition. You can
login using name “admin” and password “12345”.
2. “The Deck” sample application
Below you will see the list of files served by our
sample web-application—“The Deck”. Files are protected by
the ForceField.NET Web Edition, and you can certain yourself that
public accessible files may be viewed (i.e. downloaded),
while requests to files with restricted access result in
“not authorized” message.
Using management
interface (admin/12345) you can change security policy and see how it affects files
accessibility.
Attention. Since you are encouraged to
investigate ForceField.NET Web Edition by playing
with it, it is very likely that assumed file access
policy could be changed by other site visitors. So
keep in mind that at the beginning of each hour
demo database is being recreated to fully
correspond to the policy described below.
Files with images of the three of clubs, the seven of
diamonds and the queen of spades have “Public” access
class. That means that those images could be downloaded by
any visitor. All aces have “Demo Viewable” access class and
so they are not accessible by anonymous user. After
authentication with name “admin” and password “12345” one
can view them too.
Pay attention, that though “the sixes” may be viewed by
everyone, they are not accessible with sub-path
“/preference”. This happens because each of the “sixes”
files has virtual sub item “preference” assigned with
“Admin Only” access class. Class “Admin Only” specifies
that item is not accessible for any demo-user. The class
name could be a bit confusing because “admin” user has no
access to them, but do not worry. This user is, in fact,
does not have full administrative rights to the
demo-system. In you application administrator will have
full access everywhere.
In the other way, “the twos” are not accessible by
themselves, but publicly viewable with sub-path “/pocker”
(sub items has class “Public”). The “twos” files do not
have any access class, so nominally they are not protected
by ForceField.NET Web Edition. At the same time, the folder
containing those files is protected and has “Demo Viewable”
class, so after login (admin/12345) you can download files
without access class specified. Such files inherit access
class from parent.
In such a way you can specify different rights of
accessing the same file in different modes (sub-paths).
Using the page for managing file protection, you can create any amount of
nested sub-paths for file, and later use those sub-paths in
your application.
To login to ForceField.NET Web Edition control panel you
can use name “admin” and password “12345”.
Enter the demo
interface
3. Purchase ForceField.NET Web Edition
Easy to use setup program which installs
ForceField.NET Web Edition and its administration interface into any
ASP.NET application, registered in your Internet
Information Server, is distributed via RegNow service for the price of $79.95.
Order now!
