Developer forum

Forum » CMS - Standard features » Trying to download files from secure folder returns 403 (DW 9.12.9)

Trying to download files from secure folder returns 403 (DW 9.12.9)

E-mail notifications
Roald Haahr
Reply
Posted on 05/01/2023 10:55:28

I have taken the following steps

1. Selected the 'Extranet secure folder' in the settings (/Files/Secure)
2. Set the Read permission for the selected folder to Deny for the IUSR on the server

However, when logged in to the frontend, files still return 401 when I try to access them directly and 403 when using dwsdownload.aspx.

I have tried to change the permissions on the IUSR to Full control, which makes it possible to access the file directly, but dwsdownload.aspx still returns 403.

Furthermore, I noticed that dwsdownload.aspx stopped working for the secure folder as soon as I selected the secure folder. So with IUSR set to full control for the folder dwsdownload.aspx still returns 403 for the selected secure folder.

I have tested with my Chrome and in incognito. What am I missing?

Kind regards,
Roald

 


Replies

 
Oleg Rodionov Dynamicweb Employee
Oleg Rodionov
Posted on 11/01/2023 01:31:00
Reply

Hi,

I've tried to check the feature on solution based on last DW9.14.7. Here is setup to use the feature and results, pls find attached files: permissions on the folder in FM, delete access to the folder in IIS, the option should be deleted in the folder mapping in iSS as well. So, if I use url to download a file inside the folder via browser in incognito mode then I have 403  - expected resut (OK). If I will be logged by an extranet user from group with Read permissions (Frontend in my case) then the download is available - expected result (OK). 

BR, Oleg QA

 

2023-01-11_10-11-04.png 2023-01-11_10-16-06.png 2023-01-11_10-17-43.png 2023-01-11_10-29-03.png 2023-01-11_10-35-42.png

 

You must be logged in to post in the forum