I have only link to sharepoint shared folder https://xxxxx.sharepoint.com/:f:/g/Djzdv2-qFLlFsFSFsfdSFSfsfSfSFsfsdfsfsd-ASDASAS?e=5%3aYfSFrK&at=9 with anonymous access (no login, no password).
I can open the link in a web browser and manually browse the directory structure, download files, create folders and upload new files in web interface.
I need to access this programmatically. Is there .NET library that would allow this?
I've tried to find a solution, but it always requires login credentials, which I don't have and can't have. I only need access through the given link.
Related
I have a webpage where user's can select the files from a list view and click on a download button to download the files. This is not a public site. I want the selected files to download into a specified location and if the location does not exist then I want to create the location. I don't any save dialog or user interaction.
I understand that this is a security problem as any site could download files into a location on the client's pc without them knowing.
Can someone give me a solution or provide some knowledge on how to do this? Or can you confirm that this is not possible please. Thanks
User's access the site on locked down kiosks, tablets and laptops. All which need to be used offline.
If I understand correctly, this is your setup
You have a web sever
You have a kiosk which shows web pages reading from that web server
User uses the kiosk, while on the web page, selects some files in the list and hits some button
Your requirement
You want those selected files to be saved on kiosk or some other PC available on the same network, without having save file dialog?
For above requirement you can do this,
Create a folder on kiosk/network computer and share it
Make sure web server can access the shared location
When user clicks on the button on web page
Do a post back on server (using AJAX or regular post-back), then on the web server, save the files in the shared folder and provide a success response to the end user
BTW I am NOT sure how you will be able to access those files (saved in kiosk) using the browser, if that is also required.
I have a C# MVC web application that uses the NTML authentication (windows authentication). And I want to access to a shared folder (accessible from the web server).
the shared folder contains a list of sub directories, each directory represents a user personal directory. using windows explorer in the web server, each user is able only to access to its personal folder.
Actually, when I want to access to this shared folder using the application, I have an access denied (As the IIS process doesn't have permission to access to this folders). And I want to know how the user can access to its personal folder via the application.
Is there a way to get user login and password from NTML connection, or a way to access to this shared folder via user NTML token?
I don't have the user login/password.
You can change the thread identity https://msdn.microsoft.com/en-us/library/w070t6ka(v=vs.110).aspx
or use P/Invoke WNetAddConnection2 https://msdn.microsoft.com/en-us/library/windows/desktop/aa385413(v=vs.85).aspx
You can enable ASP.NET user impersonation - https://msdn.microsoft.com/en-us/library/aa292118(v=vs.71).aspx
However, do note that you need to make sure that you only use impersonation when accessing the user's resources - for example, if you simply impersonate the whole request, you may no longer have access to shared data or a database.
I am using asp.net mvc4 application. where I have custom code which upload the files in specific folder of my application. this code has option to delete files(uploaded on that) folder.
I don’t have that code so I want to change permission of that folder so that it will not allow to delete files from that location via web application.windows its self send error for permission.
I have deny delete permission for the networksservices but not working.
now this is working for already images available in this folder. But now problem is when I am uploading new images it is allowing to delete a image means security permission hasn't applied to new images. why?
How/Which user should I assigned permission deny of delete?
It seems that the user account under which your web site is running isn't networkservices.
If your application is hosted in IIS, you need to find the Application Pool for your web site and then check the user account used by this application pool. So check the properties of your web site on IIS, see the application pool name and then go to the Application Pools node in IIS console tree, find the application name and check its properties to find the related user.
I want to ask what the difference is between the app_data folder in a web application and in a web site .
I want to make sure that this folder is secure in web application because I put specific file in this folder which specific users only can download it.
The App_Data folder is used by ASP.NET to store an application's local database, such as the database for maintaining membership and role information. There is be no difference between the app_data folder using a Web App or a Web Site.
Sources:
http://msdn.microsoft.com/en-us/library/ex526337.aspx
http://msdn.microsoft.com/en-us/library/dd547590.aspx
Preventive Action to check the user is valid before downloading
Do not give the Directory Browsing Provision in IIS.
There is basically a way in which the Anonymous/Unauthorized user can Access/download your Authorized File. Example - You know the Query String Values and other user can type and download it. So, there are two ways by which you can prevent unauthorized User to download file.
(a) Keep the Web.Config in this folder and define the Roles/Users whoever can access it.
(b) In the Page Load, you can check the page being opened is being done by the Authorized user only.
App_Data Folder is same for both types Web Application as well as Web Site.
As Darren answered, there is no difference.
But to your other point of using it as a secure storage location, it is protected by ASP.NET, much like the bin folder, and users cannot browse to it.
I downloaded a plugin for an Office product that prompts you for your SharePoint site url and username and password and then it will create you appropriate lists and views on your SharePoint site. Can someone let me know if I can make a program on my Windows XP machine that will take in the site url, username and password and be able to programmatically create lists and views?
I did some searching on google and it seems this needs to be done on the SharePoint server. I don't have access to the server and would need to do the development from my XP machine. And seeing the plugin do exactly what I wanted gives me some hope.
Thanks.
You'll want to look at accessing SharePoint through its Web Services. Specifically, the Lists Web Service and the Views Web Service. Here's the Lists.AddList method from the lists service - should get you going down the right path.