Does anyone know a good practice of securing media for asp.net?
I need to host a variety of media that require permission to view a specific image/video, i.e. a specific user may or may not have permission to view a media file - and this fact may be changed on the fly.
I don't care if they can download a media file that they have access to, I just don't want them to even be aware of items they should not have access to.
I've already considered url obfuscation - this seems quite lame to me.
I have form authenticated users (and I'm not willing to change this).
I would like to keep the media file folder structure unrelated to permissions.
Build an HttpHandler that all media must be accessed through. Then, prior to retrieving the file and sending it down to the user, you can perform any validations that you'd like. Keep all of your media outside of the main wwwroot path, or deny access to that folder using permissions.
More info on this topic here:
http://www.15seconds.com/Issue/020417.htm
I use an XML file like this to set which users/groups have access to a file:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE root[
<!ELEMENT file ANY>
<!ATTLIST file name ID #REQUIRED>
]>
<root>
<file name="file.doc" users="155,321" groups="grp5" />
<file name="file2.doc" users="321" groups="" />
</root>
Files are stored above the HTTP root so they cannot be accessed by URL.
When a user tries to access GetFile.aspx?file=file.doc, I load the XML and get the line with
XmlNode xnFile = XML.GetElementById(wantedFile);
then I call a function
HasAccess(Context.User, xnFile);
which checks if the user is logged in and compares the permissions. If it is OK for this user to have the file, I read the file from disk and write it out with
FileInfo thisFile = new FileInfo(secretLocation + wantedFile);
// Start from an empty, unbuffered response.
Response.Clear();
Response.ClearHeaders();
Response.BufferOutput = false;
Response.AddHeader("Content-Length", thisFile.Length.ToString());
// Content-Disposition needs a disposition type before the filename parameter.
Response.AddHeader("Content-Disposition", "attachment; filename=\"" + thisFile.Name + "\"");
Response.ContentType = "application/none";
Response.WriteFile(thisFile.FullName);
// Response.End() ends the request by aborting the thread, so nothing placed after it would run.
Response.End();
Actually now I have more than a thousand files, and I think of writing the file data to the database as the XML got corrupted twice in 5 years, probably due to crashes or simultaneous use.
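The handler approach from the two answers above, as an added example that is not code from either poster: it checks permission on every request, keeps the resolved path inside the media folder, and returns the same 404 for a missing file and a denied one so an unauthorized user learns nothing about what exists. MediaHandler, MediaRoot, the D:\protected-media path and the Acl table are hypothetical, and MimeMapping assumes .NET Framework 4.5 or later.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Web;

public class MediaHandler : IHttpHandler   // hypothetical name, added example
{
    // Assumption: media is stored outside the web root, so no URL maps to it.
    static readonly string MediaRoot = Path.GetFullPath(@"D:\protected-media\");
    // Stand-in for the permission store (file name -> user ids); constructed sample data.
    static readonly Dictionary<string, string[]> Acl =
        new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase)
        { { "file.doc", new[] { "155", "321" } }, { "file2.doc", new[] { "321" } } };

    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        string requested = context.Request.QueryString["file"];
        string fullPath = ResolveInsideRoot(requested);
        // Identical 404 for a bad name, a missing file and a missing permission,
        // so the response never reveals that a file exists.
        if (fullPath == null || !IsAllowed(context.User, requested) || !File.Exists(fullPath))
        {
            context.Response.StatusCode = 404;
            return;
        }
        // Force revalidation so a revoked permission applies on the next request.
        context.Response.Cache.SetCacheability(HttpCacheability.NoCache);
        context.Response.ContentType = MimeMapping.GetMimeMapping(fullPath);
        context.Response.TransmitFile(fullPath);
    }

    // Runs on every request; assumes Identity.Name is the user id used in the ACL.
    static bool IsAllowed(System.Security.Principal.IPrincipal user, string file)
    {
        string[] ids;
        return user != null && user.Identity.IsAuthenticated
            && Acl.TryGetValue(file, out ids) && Array.IndexOf(ids, user.Identity.Name) >= 0;
    }

    // Returns the absolute path only if it stays under MediaRoot ("..\" and rooted paths fail).
    static string ResolveInsideRoot(string name)
    {
        if (string.IsNullOrEmpty(name)) return null;
        string full;
        try { full = Path.GetFullPath(Path.Combine(MediaRoot, name)); }
        catch (Exception) { return null; }   // illegal characters, path too long
        return full.StartsWith(MediaRoot, StringComparison.OrdinalIgnoreCase) ? full : null;
    }
}
```

The handler still has to be registered in web.config for the path the pages link to, and forms authentication must cover that path so that context.User is populated.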
From your comment in the Spikolynn answer:
"I'm puzzled - how is this different than obfuscation? Would an authenticated user be able to share an image (which they are authorized for) with another authenticated but unauthorized user?"
I guess that you are trying to prevent unauthorized sharing of media.
This is something a lot of companies (Microsoft, Apple, IBM, etc.) have put a considerable amount of money into solving. The solution was DRM, and now they are removing it, because it failed.
So, my answer is that you cannot prevent sharing if the user is willing to put some effort into avoiding it.
You can just keep the honest people honest by applying techniques such as those Spikolynn or Lusid explain in their answers.