2 Replies Latest reply on Apr 17, 2009 6:30 PM by 802251

    Access restricted folders on Network Drive.

      We have a network drive where we save all our documents. Users can access this drive two ways:
      1. Through windows explorer
      2. Through our custom application (documents are related to items in the application).

      Now, there is no way for us to know if an user gets into the documents folder and deletes/modifies a document (through windows explorer). So, for that reason, we are contemplating on restricting user access to this network folder through windows explorer. No user can enter this folder unless the user is an administrator. If this is implemented, then normal users will not be able to access documents from the folder, neither through windows explorer nor the application. We are happy that normal users will not be able to access documents through windows explorer, but concerned about users unable to access the documents folder through application.

      Restricting the access to normal users to that shared folder is taken care by the administration, but I have to look into how to by pass those rights by the users when they try to look into that folder through the application? I am pretty sure that I can Google this, but couldn't come up with an exact search phrase. I therefore came here, for help.

      Is there any way that this can be done?
      Thanks in advance.
        • 1. Re: Access restricted folders on Network Drive.
          You're asking how your Java program could bypass the user access rules which are imposed by the operating system?

          Well, you seem to be asking about a Windows-based network, so conceivably you would be able to use JCIFS to do that. But you would have to have it access that network drive with an administrator's ID and password, which would have to be built into the program in some way. There are some definite security issues with doing that.

          Or I believe there's a "Run As..." option in Windows. I don't know how this works but I expect it would require the user to input an administrator's password at some point. Which of course makes the whole exercise pointless if the user already knows an admin password. I could be wrong about how it works though. After all this isn't a Windows forum... that's my excuse...
          • 2. Re: Access restricted folders on Network Drive.
            Talk to your NetAdmins as see if they can create a special group account that will have only one user. Ask them to password protect the network share and supply the password to you, as well as the one user that belongs to that special group. Once you have this information, you could then program the user name and password into your program. I would use a char array to hold it and create a temporary String on the fly to log into the folder to access the documents your program needs to access.

            Now, I come from the Linux world, where entire file systems, folders and individual files can be set to belong to a specific owner and group. Also, in Linux, the access rights to a file system, folder or individual file can be set for the owner, group and world, independently of each other. It has been so long since I've even looked at Windows that I don't know if (though I don't believe) this is possible, but talk to your NetAdmins anyway. Who knows, maybe they can actually help you out here.


            Sean Carrick
            PekinSOFT Systems