Dynamic-CD |
Multi-user considerations Dynamic-CD can be run on a network server in a number of ways. A server CD drive could be mapped as a user's local drive and Dynamic-CD could be run from there. In this scenario, such users will be running their own copy of Dynamic-CD in single-user mode. Dynamic-CD can also be run in multi-user mode on a server with remote users accessing the Dynamic-CD by replacing the single-user IP address "127.0.0.1" with the IP address of the server. The Passwords and Cookies stored by Dynamic-CD are tied to user's IP address. This means that when a user with the username/password "user1/pass1" accesses a protected file, a network user with the same username/password will not be able to access user1/pass1 files until they also have also entered the correct username/password combination. By default, Dynamic-CD does not permit network access from IP addresses other than the starting address "127.0.0.1". However, network access can be enabled on the Advanced Settings tab of Dynamic-CD-Wizard.
Other security considerations It is of course a simple matter for a user to copy a Dynamic-CD and inform others about the usernames and passwords. To protect sensitive data, other security techniques include :
Access control via scripts If you permit general network access, you could implement detailed access control with the following technique :
Adding this security header as a Server-Side Include to all sensitive files would prohibit access from any IP address other than "127.0.0.1". Response.BinaryWrite file streaming If you use scripts to create a new file on the hard disk of the machine running Dynamic-CD, a standard procedure for displaying the file is to use a file:// URL. For example, the chart example, using Office Web Components writes a GIF file and has the browser display it direct from the Windows temporary directory :
If, however, the user is accessing Dynamic-CD over a network, this technique will fail because the local drive specified in the file:// URL will not be available to the user. The solution is to send the file over the network using Response.BinaryWrite . However, you will not be able to open and read a binary file without additional support - the Scripting.FileSystemObject does not support reading binary files. Instead, use the BinaryFileStream object (described below) to open the binary GIF file and send its contents as binary data using Response.BinaryWrite :
The BinaryFileStream object can be created using VisualBasic :
and then registered on the machine running Dynamic-CD.
© Copyright 2000-2007 PHD Computer Consultants Ltd |