file restriction - Forms authentication

Discussion in 'ASP .Net' started by =?Utf-8?B?RWQ=?=, May 31, 2004.

  1. Hi,

    I'm have an asp.NET project, and I'm using Forms authentication method. I was wondering if there is a way to deny access to files that are not .aspx...ie: Someone who tries to access somepage.aspx is prompted for a username and password. However, if someone tries to access somefile.pdf, he can do this without authentication.

    Any Suggestions?

    Thanks,

    Ed
    =?Utf-8?B?RWQ=?=, May 31, 2004
    #1
    1. Advertising

  2. Hi Ed,

    Only those file types that are mapped in IIS to the aspnet_isapi.dll are
    going to be processed by Forms authentication. You have a couple of
    options when it comes to PDF files.

    1. Have an ASPX page that authenticates and then streams the PDF to the
    browser via Response.BinaryWrite.
    2. Map the PDF file type to the aspnet_isapi.dll in IIS.

    Jim Cheshire, MCSE, MCSD [MSFT]
    ASP.NET
    Developer Support


    This post is provided "AS-IS" with no warranties and confers no rights.

    --------------------
    >Thread-Topic: file restriction - Forms authentication
    >thread-index: AcRHRzUlZFxlqk6eRWu5C6EeDelK+Q==
    >X-WN-Post: microsoft.public.dotnet.framework.aspnet
    >From: "=?Utf-8?B?RWQ=?=" <>
    >Subject: file restriction - Forms authentication
    >Date: Mon, 31 May 2004 12:41:03 -0700
    >Lines: 9
    >Message-ID: <>
    >MIME-Version: 1.0
    >Content-Type: text/plain;
    > charset="Utf-8"
    >Content-Transfer-Encoding: 7bit
    >X-Newsreader: Microsoft CDO for Windows 2000
    >Content-Class: urn:content-classes:message
    >Importance: normal
    >Priority: normal
    >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    >Newsgroups: microsoft.public.dotnet.framework.aspnet
    >Path: cpmsftngxa10.phx.gbl
    >Xref: cpmsftngxa10.phx.gbl microsoft.public.dotnet.framework.aspnet:237315
    >NNTP-Posting-Host: tk2msftcmty1.phx.gbl 10.40.1.180
    >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet
    >
    >Hi,


    I'm have an asp.NET project, and I'm using Forms authentication method. I
    was wondering if there is a way to deny access to files that are not
    ..aspx...ie: Someone who tries to access somepage.aspx is prompted for a
    username and password. However, if someone tries to access somefile.pdf,
    he can do this without authentication.

    Any Suggestions?

    Thanks,

    Ed
    >
    Jim Cheshire [MSFT], Jun 1, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Eric
    Replies:
    2
    Views:
    1,446
    Tommy
    Feb 13, 2004
  2. z f
    Replies:
    2
    Views:
    5,067
  3. JEFF
    Replies:
    1
    Views:
    1,011
    =?Utf-8?B?YnJpYW5zW01DU0Rd?=
    Nov 12, 2007
  4. Eric
    Replies:
    2
    Views:
    481
  5. Yan Wu

    restriction on file handle

    Yan Wu, Jan 21, 2004, in forum: Perl Misc
    Replies:
    7
    Views:
    114
    Anno Siegel
    Jan 22, 2004
Loading...

Share This Page