Server Setting to allow/disallow Uploads

Server Setting to allow/disallow Uploads

am 22.05.2007 17:57:02 von VinnieL

I would've thought that someone from the FrontPage Client or FrontPage Server
Extens forum would be able to answer this because of the tight relationship
between the technologies but apparantly not.
Can someone in this forum address this?
BTW I tried the adjust the NTFS permissions of the anonymous user to no avail.


=========================================

Suggest you post this tot he Windows Server newsgroup, as it deal with IUSER
permissions.

--
==============================================
Thomas A. Rowe
Microsoft MVP - FrontPage

http://www.Ecom-Data.com
==============================================


"Vinnie L" wrote in message
news:E19FF2CF-0E5B-41CE-BA9D-DC5E5016D00B@microsoft.com...
> How can we manage the ability to allow/disallow web developers to give the
> ability to users to Write to files/directories. There has been discussions
> around this issue where a FP developer has the setting to have Anonymous
> Write to a file greyed out. The response was that that's the setting
> determined by the hosting company. What setting is that on the server? Is is
> a registry setting, a Administration Web setting? I can't seem to find it.
> Any assistance will be greatly appreciated.
> Thanks
>
>

Re: Server Setting to allow/disallow Uploads

am 23.05.2007 10:19:35 von David Wang

What you want to do is possible. But, the behavior you describe
completely depends on the server-side application you use. There is no
server setting to allow/disallow uploads.

IIS does not know about "FP developers", "anonymous users", nor
"download/upload". IIS only knows to execute code to generate a
response for every single request using some NT user token", and IIS
only executes code which either:
1. directly opens a file and sends it as is (Static File Handler)
2. loads a Win32 DLL and invokes HttpExtensionProc (ISAPI Handler)
3. launches a new process for CGI EXE (CGI Handler)
4. handles WebDAV commands

Controlling user delegation of permissions to write on the local
filesystem is certainly possible, but it all depends on how the server-
side application authenticates and authorizes access to functionality.
And all of that has very little to do with IIS - at the root of it
all, the server-side application just tells IIS to "use this NT user
token and execute this piece of my code".

In other words, the behavior you are asking for is closer to
provisioning web server access, which can be done with special
software for web servers. Generic web server is necessary for the
complete solution, but it is not that piece of software.


//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//





On May 22, 8:57 am, Vinnie L
wrote:
> I would've thought that someone from the FrontPage Client or FrontPage Server
> Extens forum would be able to answer this because of the tight relationship
> between the technologies but apparantly not.
> Can someone in this forum address this?
> BTW I tried the adjust the NTFS permissions of the anonymous user to no avail.
>
> =========================================
>
> Suggest you post this tot he Windows Server newsgroup, as it deal with IUSER
> permissions.
>
> --
> ==============================================
> Thomas A. Rowe
> Microsoft MVP - FrontPage
>
> http://www.Ecom-Data.com
> ==============================================
>
> "Vinnie L" wrote in message
>
> news:E19FF2CF-0E5B-41CE-BA9D-DC5E5016D00B@microsoft.com...
>
>
>
> > How can we manage the ability to allow/disallow web developers to give the
> > ability to users to Write to files/directories. There has been discussions
> > around this issue where a FP developer has the setting to have Anonymous
> > Write to a file greyed out. The response was that that's the setting
> > determined by the hosting company. What setting is that on the server? Is is
> > a registry setting, a Administration Web setting? I can't seem to find it.
> > Any assistance will be greatly appreciated.
> > Thanks- Hide quoted text -
>
> - Show quoted text -

Re: Server Setting to allow/disallow Uploads

am 23.05.2007 14:54:01 von VinnieL

Thanks Dave, I appreciate the time you spent on this reply.
Ok, so If I understand you correctly then there is no way for this to work
with IIS and FrontPage Extensions, i.e., I need a third party software to
allow this to work. This is contradictory to what I was told in the FrontPage
forum.
When you say that this 'is possible but the behavior completey depends on
the server-side application you use' and this, I assume, is what you mean by
'special software'
Do you happen to know any applications that will do this?
Thanks again
vl

"David Wang" wrote:

> What you want to do is possible. But, the behavior you describe
> completely depends on the server-side application you use. There is no
> server setting to allow/disallow uploads.
>
> IIS does not know about "FP developers", "anonymous users", nor
> "download/upload". IIS only knows to execute code to generate a
> response for every single request using some NT user token", and IIS
> only executes code which either:
> 1. directly opens a file and sends it as is (Static File Handler)
> 2. loads a Win32 DLL and invokes HttpExtensionProc (ISAPI Handler)
> 3. launches a new process for CGI EXE (CGI Handler)
> 4. handles WebDAV commands
>
> Controlling user delegation of permissions to write on the local
> filesystem is certainly possible, but it all depends on how the server-
> side application authenticates and authorizes access to functionality.
> And all of that has very little to do with IIS - at the root of it
> all, the server-side application just tells IIS to "use this NT user
> token and execute this piece of my code".
>
> In other words, the behavior you are asking for is closer to
> provisioning web server access, which can be done with special
> software for web servers. Generic web server is necessary for the
> complete solution, but it is not that piece of software.
>
>
> //David
> http://w3-4u.blogspot.com
> http://blogs.msdn.com/David.Wang
> //
>
>
>
>
>
> On May 22, 8:57 am, Vinnie L
> wrote:
> > I would've thought that someone from the FrontPage Client or FrontPage Server
> > Extens forum would be able to answer this because of the tight relationship
> > between the technologies but apparantly not.
> > Can someone in this forum address this?
> > BTW I tried the adjust the NTFS permissions of the anonymous user to no avail.
> >
> > =========================================
> >
> > Suggest you post this tot he Windows Server newsgroup, as it deal with IUSER
> > permissions.
> >
> > --
> > ==============================================
> > Thomas A. Rowe
> > Microsoft MVP - FrontPage
> >
> > http://www.Ecom-Data.com
> > ==============================================
> >
> > "Vinnie L" wrote in message
> >
> > news:E19FF2CF-0E5B-41CE-BA9D-DC5E5016D00B@microsoft.com...
> >
> >
> >
> > > How can we manage the ability to allow/disallow web developers to give the
> > > ability to users to Write to files/directories. There has been discussions
> > > around this issue where a FP developer has the setting to have Anonymous
> > > Write to a file greyed out. The response was that that's the setting
> > > determined by the hosting company. What setting is that on the server? Is is
> > > a registry setting, a Administration Web setting? I can't seem to find it.
> > > Any assistance will be greatly appreciated.
> > > Thanks- Hide quoted text -
> >
> > - Show quoted text -
>
>
>