Community
DWF Viewer (Read Only)
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Anyone using HTML or ASP to Embed maps within a web page?

11 REPLIES 11
Back to Community Archive - Read Only Category
Back to Topic Listing
Reply
Message 1 of 12
dcarva
524 Views, 11 Replies
‎04-11-2003 01:48 AM
‎04-11-2003 01:48 AM

Anyone using HTML or ASP to Embed maps within a web page?

Hello,

I am using the following code to display maps in an asp page.





The dwf files are located on a web server. However, the files are behind virtual directories (IIS) that are secured with NT Authentication. So when this page loads, an NT login dialog box appears. We don't want the user to have to login twice. How can I pass through? I have tried many methods, including the use of Microsoft's ADO Stream object but had no success. Has anyone run into the same problem? Any suggestions on how to solve this?

Thanks!
Danny
Report
0 Likes
11 REPLIES 11
Message 2 of 12
dcarva
in reply to: dcarva
‎04-11-2003 02:15 AM
‎04-11-2003 02:15 AM

Sorry, the code did not appear because I was inside the object tag. Here is the pesudocode:

[object id = "viewer" classid = "clsid:A662DA7E-CCB7-4743-B71A-D817F6D575DF" width="100%" height="100%"]
[param name = "src" value="http://www.somedomain/files/getfile.asp"]
[/xobject]
Report
0 Likes
Message 3 of 12
Anonymous
in reply to: dcarva
‎04-11-2003 04:09 AM
‎04-11-2003 04:09 AM


Do the virtual directories *have* to require
Windows Authentication?  If you uncheck that setting for the virtual
directory, you won't get the second login.

 

😛

 



style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">Sorry,
the code did not appear because I was inside the object tag. Here is the
pesudocode:

[object id = "viewer" classid =
"clsid:A662DA7E-CCB7-4743-B71A-D817F6D575DF" width="100%" height="100%"]

[param name = "src" value="http://www.somedomain/files/getfile.asp"]

[/xobject]

Report
0 Likes
Message 4 of 12
dcarva
in reply to: dcarva
‎04-11-2003 05:30 AM
‎04-11-2003 05:30 AM

Well, the files have to be secured somehow so that if someone figures out the path of the files, they can't download them.

The users currently login to the site and authenticate via a database. If they login correctly, then I give them links to certain dwf files, based on whose logged on.

Are there other ways to secure the files, but still be able to access them using the object tag as I had it above?

Thanks!!!
Danny
Report
0 Likes
Message 5 of 12
Anonymous
in reply to: dcarva
‎04-11-2003 06:21 AM
‎04-11-2003 06:21 AM

OK. Try this:

 

Make sure the login page is an ASP
page.  Make sure that Windows Authentication is enabled against that
page.  This will give you their
href="file://\\DOMAIN\username">
size=2>\\DOMAIN\username when you access
face="Courier New">Request.ServerVariables("LOGON_USER") in ASP.  If
they authenticate against Windows, then you can use the username from the
face="Courier New">Request.ServerVariables("LOGON_USER") variable to
assign them their rights, per the database you are currently using for
maintaining users.

 

The cool thing about this method is that the
Windows authentication should carry over to all other virtual shares, ASP
pages (and DWFs) that required Windows Authentication on the site for as
long as 1) the virtual shares are part of the same authentication
domain, and 2) the user is logged into their computer.  In
essense, after the first authentication, the user wouldn't have to log in again
until they rebooted or something.  You could drop your database
authentication and just use the single Windows login to authenticate access to
the site and get access to the username for rights assignment for your
subweb.

 

HTH,

 

😛


style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
Well,
the files have to be secured somehow so that if someone figures out the path
of the files, they can't download them.

The users currently login to the site and authenticate via a database. If
they login correctly, then I give them links to certain dwf files, based on
whose logged on.

Are there other ways to secure the files, but still be able to access them
using the object tag as I had it above?

Thanks!!!
Danny

Report
0 Likes
Message 6 of 12
dcarva
in reply to: dcarva
‎04-11-2003 06:32 AM
‎04-11-2003 06:32 AM

Peter,

Thanks for the reply. The web server is accessed over the internet by anonymous users who don't log to our server using NT Authentication. They are simply anonymous users. I thought about creating a user account for each user (on the fly) and find out whose logged on using Request.ServerVariables("LOGON_USER"). But then I would have to create user accounts on the web server, and I would run into licensing issues. (as I did when I did some tests)

The way I was getting around this was to pass an account, that has access the the secure folders, in the url like this: http://username:password@somedomain.com. It worked great. The problem was that some company's proxy servers rejected that. (not all)

So, maybe I should phrase my question better. Other than NT authentication, is there another way that I can secure my dwf files and still have them 1) Accessible from the HTML page and 2) Not force the user to login?

I appreciate your help and your time,
Danny
Report
0 Likes
Message 7 of 12
Anonymous
in reply to: dcarva
‎04-11-2003 06:38 AM
‎04-11-2003 06:38 AM


😧

 

Let me think about this a bit. I can't
think of anything off the top of my head, but that doesn't mean it's not
possible 😉

 

😛


style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
Peter,

Thanks for the reply. The web server is accessed over the internet by
anonymous users who don't log to our server using NT Authentication. They are
simply anonymous users. I thought about creating a user account for each user
(on the fly) and find out whose logged on using
Request.ServerVariables("LOGON_USER"). But then I would have to create user
accounts on the web server, and I would run into licensing issues. (as I did
when I did some tests)

The way I was getting around this was to pass an account, that has access
the the secure folders, in the url like this:
href="http://username">http://username:password@somedomain.com. It worked
great. The problem was that some company's proxy servers rejected that. (not
all)

So, maybe I should phrase my question better. Other than NT authentication,
is there another way that I can secure my dwf files and still have them 1)
Accessible from the HTML page and 2) Not force the user to login?

I appreciate your help and your time,

Danny

Report
0 Likes
Message 8 of 12
dcarva
in reply to: dcarva
‎04-11-2003 06:43 AM
‎04-11-2003 06:43 AM

One last thing. I tried using the ADO Stream object. Basically, the ASP page, which was outside of the secure foders, would read the dwf file that is in the secure folder. I spent a whole day trying to get it to work. I finally got it to work, but the darn thing won't open within the browser itself, even though I am using an "inline" content-type. The other problem with this is that the MIME type I had to use was "drawing/x-dwf". Well the MIME type in the registry for Autodesk Express is "Model/vnd.dwf". It won't work with that..until I changed it to "drawing/x-dwf". This would mean that each user would have to change this value in their registry. As you can see I am running out of options.

Anway, I really do appreciate any help.
Thanks!
D.
Report
0 Likes
Message 9 of 12
Anonymous
in reply to: dcarva
‎04-11-2003 07:05 AM
‎04-11-2003 07:05 AM

It seems that you have some flexibility in your
configuration.  What if you simply referred to a local or network directory
pathing scheme to the DWF instead of a URL?  For example, the paramater in
your object could specifiy a path to a local or shared network drive that was
off of the physical web root.  Like this:

 

[param name = "src"
value="file:///C:\MyDrawings\SomeDir\MyDwf.dwf"]

 

This directory would not be accessible to web
clients, but would be accessible to the IUSER_<SERVER> account that runs
IIS by default.  There wouldn't be any direct URL path possible from a web
client.  And any access to the page that contained the embedded AEV object
would be regulated by your current user security methodologies.  It could
even be a network drive, but then things get a bit trickier.  If the DWFs
are accessible via a network share, i.e.

 


 

or, better still, using UNC ...

[param name = "src"
value="\\MyServer\MyShare\SomeDir\MyDwf.dwf"]

 

you could still access them, but the
IUSER_<SERVER> account that runs the IIS Service(s) would need to be
replaced with a network account/password that had access to the server/share
that housed the DWFs.  From a security standpoint, this might have to be
sold to IT though.

 

😛


style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
One
last thing. I tried using the ADO Stream object. Basically, the ASP page,
which was outside of the secure foders, would read the dwf file that is in the
secure folder. I spent a whole day trying to get it to work. I finally got it
to work, but the darn thing won't open within the browser itself, even though
I am using an "inline" content-type. The other problem with this is that the
MIME type I had to use was "drawing/x-dwf". Well the MIME type in the registry
for Autodesk Express is "Model/vnd.dwf". It won't work with that..until I
changed it to "drawing/x-dwf". This would mean that each user would have to
change this value in their registry. As you can see I am running out of
options.

Anway, I really do appreciate any help.
Thanks!

D.

Report
0 Likes
Message 10 of 12
dcarva
in reply to: dcarva
‎04-12-2003 12:50 AM
‎04-12-2003 12:50 AM

Oh. I tried doing this:

[param name = "src" value="c:\MyDwf.dwf"]

But it was running client-side. It was looking for the file on the client machine. If I could get it to look for it on the server itself, that would be sweeeeeeeeeeeeeeet. Let me try a few things with this.

Thanks!
Report
0 Likes
Message 11 of 12
Anonymous
in reply to: dcarva
‎04-15-2003 05:31 AM
‎04-15-2003 05:31 AM

Any luck?


style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
Oh.
I tried doing this:

[param name = "src" value="c:\MyDwf.dwf"]

But it was running client-side. It was looking for the file on the client
machine. If I could get it to look for it on the server itself, that would be
sweeeeeeeeeeeeeeet. Let me try a few things with this.

Thanks!

Report
0 Likes
Message 12 of 12
dcarva
in reply to: dcarva
‎04-16-2003 05:06 AM
‎04-16-2003 05:06 AM

No luck. The object tag tries to look for the file on the client, not on the server:

value="file:///C:\MyDrawings\SomeDir\MyDwf.dwf"

I have run out of ideas. It seems like NT Authentication is the only way out of this, but I can't use NT Authentication.

Thanks for your help,
Danny
Report
0 Likes
Reply

Can't find what you're looking for? Ask the community or share your knowledge.

Post to forums  

Autodesk Design & Make Report

Report a website issue