You probably have this kind of scenario, you have developed a document library system base on the WSS object model, users of this system need to download files from backend WSS site, but sometimes these users can't access the backend WSS site, you just grant the proper permission to them in your system, I mean they are probably the reader to your system, but not the reader to backend WSS site. So if they want to download files, you can't just give them a specific URL(eg. http://HostName/sites/LibName/ListName/FileName.doc").

Obviously, you need to solve this problem, okay, here is the code:

/// <summary>
/// Used for downloading files from DocLib
/// </summary>
public class SPSFileDownloader
{
    string m_FileUrl;
    string m_FileName;
    NetworkCredential m_NetworkCredential;/// <summary>
    /// Constructor
    /// </summary>
    /// <param name="fileUrl">File URL(http://HostName/sites/LibName/ListName/FileName.doc)</param>
    /// <param name="fileName">File Name</param>
    /// <param name="networkCredential">Credential</param>
    public SPSFileDownloader(string fileUrl, string fileName, NetworkCredential networkCredential)
    {
        this.m_FileName = fileName;
        this.m_FileUrl = fileUrl;
        this.m_NetworkCredential = networkCredential;
    }public void Download()
    {
        HttpWebRequest httpWebRequest =    (HttpWebRequest) WebRequest.Create(this.m_FileUrl);
        WebHeaderCollection whc = new WebHeaderCollection();
        whc.Add("Translate", "f");
        httpWebRequest.Headers = whc;

        CredentialCache creCache 

Another approach should be "SPFile.OpenBinary()"

Hope this helps.