Rajiv's Portal
  Search for:
New Users  |  Log In Contact Us

Home  


Mad.co.uk  


Canadian Business  


SimilarMinds Tests   


member database  


classifieds  


announcements  

calendar  


headlines  


discussions  


Chat  


Greeting cards  


Web link  


Poll  


Shared Files  


speaker directory  


Vendor storefronts  


Sub portals  


con man  


Consulting Material  


wedding photos  


Acteva  


Online Donation  


AACM  


Ahimsa  


ambrenen test pg  

List of Categories

Test category
Construction subscribe
Family News subscribe
psg test subscribe
test QA subscribe






You are here: Homeannouncements

announcements


test announcement from Notepad

You are here: test QAtest announcement from Notepad

Subject: test announcement from Notepad
Posted by: guest   (guest@readyportal.net)
Date Posted: 7/7/03
Issue b An uploaded file in shared files feature could be accessed by saving the URL on ones browser, irrespective of the security settings of a particular folder.

This was a growing concern among existing ReadyPortal customers as shared files contained sensitive documents.

Solution b The extra layer of file depot security was introduced to solve this
above-mentioned problem. The logic for security check will be the same as it is for existing shared files feature.

Example - if one surfed to a page containing a shared file feature that was secured (members/admins only), the portal accordingly would reject the user and redirect him/her to the login page. One would also be rejected if one tried to directly access any of the contents in shared file via typing in the URL.

Basically it means that if the security settings (access policies) on shared files folder is set to "Anyone" then typing in a direct URL will work. However, if the security settings are bMembers Onlyb or bAdmins Onlyb then one will have to go through the site or at minimum will have to log in to the site and get to the files. If one tries to access the content of a members/admins only folder it will result in a 404 error such as
http://members.healthcaredistribution.org/file_depot/0-10000000/0-10000/1304/folder/21471/8-15-02_loc_confc-min.pdf

This extra layer of shared file security bypasses site/page/content module security. Therefore if one has a public folder (policies set to bAnyoneb) on an admin/member only page the content of the folder (files) would still be accessible if one types the URL directly. This was done keeping in mind that most of the site graphics are on an admin only page, in a folder that is set to b Anyone can viewb.
Example - http://www.iienetwork.org/file_depot/0-10000000/0-10000/1710/folder/10455/IIENetworker2

Please post your questions regarding this feature on the Product Questions discussion board under the topic bFile member delete featureb.

Thanks,
Rajiv


this is nothing