If your host allows symbolic links in your htdocs (Options FollowSymLinks), you could have the files to be downloaded in another directory outside the htdocs and have a simple CGI script (or mod_perl handler) that:
in reply to File download tool, file size issues, cgi-application
1- Receives as a parameter the filename to be downloaded
2- Given the current authenticated user, creates a symbolic link of the real file to a file in "/htdocs/downloads/", where the symlink name would be something like filename_USERNAME_MD5GARBAGE.pdf. The MD5GARBAGE would be generated by
3- Then your CGI redirects the browser (using the Location HTTP header) to the URL http://yoursite/downloads/filename_USERNAME_MD5GARBAGE.pdf.
my $md5garbage = md5($real_filename, $username, "any random string");
4- Later on, look into your access log and any successful hit to "filename_username_xxxx.pdf" means that that specific user downloaded that specific file.
5- Periodically, clean up the old symlinks in the /htdocs/downloads/ directory.
(Yeah, it looks like a dirty hack...)