The way I've managed this before (and a little hazy on the details 
here...) is to store the files in some directory on your web server 
that isn't part of IIS.  You put the filenames of these files in a 
database table, and then you can refer to them with their ID numbers.  
Then you use a component like Persits ASPUpload to download the file - 
so all you need to do is write a function that takes the ID number of 
the file you're after, work out the actual filename, and then goes off 
and tells the component to squirt that file back to the user.

If you get the response.headers and content types and stuff right then 
you can get it to behave properly vis-a-vis left/right clicking and so 
on.

The other thing you can then of course do, if there's any kind of user 
login security on your site is check in the database whether or not 
this person's allowed to download this file, and so on.

Hope this helps somehow... :)

Jason =)
Web Developer & Protector of Bunny Rabbits

----- Original Message -----
From: jeffs@a...
Date: Monday, April 9, 2001 2:05 pm
Subject: File Download Protection

> I am trying to secure files that are to be downloaded.  Having 
> secured the 
> pages with the links on them, a user can still access the files if 
> they 
> know the full path.  I have used the information in some MS 
> articles to 
> hide the file path in an asp and then use an AcitveX dll to do the 
> binary 
> read of the file.
> 
> My difficulty is trying to duplicate the normal behaviour of 
> links.  For 
> example, left clicking a link for a pdf should start Adobe Acrobat 
> and 
> load the file, right clicking should allow for the selection of 
> "Save 
> target As..." dialog box.  The problem is having a link that 
> allows the 
> passing of different arguements to the intermediate asp depending 
> on the 
> right or left click.
>