WebApp Sec mailing list archives

Re: Control of cookies???


From: m.delibero () comcast net
Date: Wed, 28 Jan 2004 15:20:59 +0000

He can't use .htaccess because IIS doesn't support that. There are a few ways; however, the most secure way was already mentioned, where you have the documents off of the web document root and request them through a page.

Another way is, if only a certain set of users will be accessing these documents, you could set up NTLM for that folder and allow only these users access to that folder. You could also set up a login and then from there either save the authenticated information in a cookie or a session; this is also probably the easiest to implement insecurely, though.

Thanks,
Mike

On Wednesday 28 January 2004 14:03, Marcelo Caffaro wrote:
Hello guys, can anyone help me by sending ideas, solutions or samples to
manage the session of one website?

For example, I have one site (IIS) and below this structure of site I have
the folder named docs, but if I put the complete URL of the website
document, everyone can see my document. I need to create one method to
authenticate my user. I don't know if cookie control is the best solution, but
I need to arrest the user, IP and cookie to control the user access; if the
user is not authenticated, the user cannot see the documents.

Can anyone help me?

Sorry for my English

I've understood you, that not everybody should have access to your document
folder, is that right? Why don't you use htaccess?
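
The approach named in the reply at the top of this message (documents kept outside the web document root and handed out only by a page that checks the login), sketched as an added example that is not part of the original thread. It is written in Python rather than as an IIS page, and `resolve_document`, the server-side `session` dictionary and its `authenticated` key are assumed names.

```python
import os
import tempfile


def resolve_document(session, requested_name, docs_root):
    """Return (status, path); path is set only when status is 200.

    Hypothetical helper: session is a server-side dict, docs_root is a
    directory that the web server does not map to any URL.
    """
    # 1. Check the server-side login state on every request.
    if not session or not session.get("authenticated"):
        return 401, None
    # 2. Accept a bare file name only: no separators, drive colon or NUL.
    if (not requested_name or requested_name in (".", "..")
            or any(c in requested_name for c in "/\\:\0")):
        return 400, None
    # 3. Canonicalise (resolving symlinks) and confirm containment.
    root = os.path.realpath(docs_root)
    candidate = os.path.realpath(os.path.join(root, requested_name))
    try:
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:  # e.g. different drives on Windows
        inside = False
    if not inside:
        return 403, None
    if not os.path.isfile(candidate):
        return 404, None
    return 200, candidate


if __name__ == "__main__":
    # Constructed sample data: one document in a temporary "docs" directory.
    with tempfile.TemporaryDirectory() as tmp:
        docs = os.path.join(tmp, "docs")
        os.mkdir(docs)
        with open(os.path.join(docs, "report.txt"), "w") as fh:
            fh.write("constructed sample document\n")
        for sess, name in [(None, "report.txt"),
                           ({"authenticated": True}, "report.txt"),
                           ({"authenticated": True}, "..\\other.txt")]:
            print(name, resolve_document(sess, name, docs)[0])
```

The page that serves the file would stream the returned path only on status 200 and send nothing but the status code otherwise.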



