[UPHPU] restricting access to assets on a public server

Wade Preston Shearer wadeshearer.lists at me.com
Fri Apr 8 17:28:48 MDT 2011


No, users will not need access to the web sever the files are hosted on.

Requirements: A simple, drag-n-drop solution for adding/removing binary files from a web server. Some of these files should be accessible on the web server by direct URL; others should not.


On 8 Apr 2011, at 17:08, wattwood at gmail.com wrote:

> You need both local user access and remote access?
> 
> Sent from my HTC on the Now Network from Sprint!
> 
> ----- Reply message -----
> From: "Wade Preston Shearer" <wadeshearer.lists at me.com>
> Date: Fri, Apr 8, 2011 16:33
> Subject: [UPHPU] restricting access to assets on a public server
> To: "Utah PHP Users Group Discuss" <uphpu at uphpu.org>
> 
> I have a lot of non-technical people that need to get media assets onto a web server (PDFs, spreadsheets, videos, images, etc). I don't want to have to deploy it for them and I don't want the content on the same server that our content management system is running on. 
> 
> My plan thus far consists of creating a local SMB share for them to mount on their desktops. They can then manage (drag-n-drop) files to and from this. A cron job will rsync these files up to a web server every ten minutes. I've done this before and it works well.
> 
> The obstacle that I have run into this time however is that some of the content will need to be protected. Certain assets can be accessed by anyone that has the URL but others will need to require that the user be authenticated. The way I usually restrict access to a file is by putting it on the server outside of web root and then streaming it down to the browser through  a script. The script can verify that the user is authenticated. This doesn't work though if the assets are on a separate server.
> 
> The only thing I have thought of thus far is putting the assets outside of web root on the other server and reading them via a web service that requires authentication. The service would authenticate, read the file, and stream the bytes over to the requesting server where it would then stream it out to the browser (forced header download).
> 
> Good solution? Any better ideas?
> 
> _______________________________________________
> 
> UPHPU mailing list
> UPHPU at uphpu.org
> http://uphpu.org/mailman/listinfo/uphpu
> IRC: #uphpu on irc.freenode.net



More information about the UPHPU mailing list