Preventing access to all file types in a directory using ASP.NET

[nickk]

Is it possible to prevent access to all files in a (virtual) directory using
ASP.NET and without using an ISAPI filter? I'm quite happy using the standard
classes for authentication and authorisation for ASP.NET (.aspx) pages, but I
want to stop unauthorised users accessing plain HTML pages, PDF files and SWF
files in a directory as well. Can I use HTTPModule for this? Basically, I
want to interrogate and filter all requests in a particular directory, but I
don't want to have to learn C++ just to complete this piece of work.

 

[ekeenan]

Use Wildcard application maps to pass everything through the asp.net
framework dll and then use a http module or suitable authorization
mechanism written in asp.net.
This is a good example.
http://www.eggheadcafe.com/articles/20040317.asp

 

[Andy G]

What I have done is very very simple, it may or may not apply to your
situation. This is the article that I found that worked for me.
http://www.derkeiler.com/Newsgroups...t.framework.aspnet.security/2003-03/0151.html

I added a couple application extensions just like the article said and it
worked great. Very easy fix.