[UPHPU] restricting access to assets on a public server

wattwood@gmail.com wattwood at gmail.com
Fri Apr 8 17:08:45 MDT 2011


You need both local user access and remote access?

Sent from my HTC on the Now Network from Sprint!

----- Reply message -----
From: "Wade Preston Shearer" <wadeshearer.lists at me.com>
Date: Fri, Apr 8, 2011 16:33
Subject: [UPHPU] restricting access to assets on a public server
To: "Utah PHP Users Group Discuss" <uphpu at uphpu.org>

I have a lot of non-technical people that need to get media assets onto a web server (PDFs, spreadsheets, videos, images, etc). I don't want to have to deploy it for them and I don't want the content on the same server that our content management system is running on. 

My plan thus far consists of creating a local SMB share for them to mount on their desktops. They can then manage (drag-n-drop) files to and from this. A cron job will rsync these files up to a web server every ten minutes. I've done this before and it works well.

The obstacle that I have run into this time however is that some of the content will need to be protected. Certain assets can be accessed by anyone that has the URL but others will need to require that the user be authenticated. The way I usually restrict access to a file is by putting it on the server outside of web root and then streaming it down to the browser through  a script. The script can verify that the user is authenticated. This doesn't work though if the assets are on a separate server.

The only thing I have thought of thus far is putting the assets outside of web root on the other server and reading them via a web service that requires authentication. The service would authenticate, read the file, and stream the bytes over to the requesting server where it would then stream it out to the browser (forced header download).

Good solution? Any better ideas?

_______________________________________________

UPHPU mailing list
UPHPU at uphpu.org
http://uphpu.org/mailman/listinfo/uphpu
IRC: #uphpu on irc.freenode.net


More information about the UPHPU mailing list