Restricting access to sub folders and files.

J

Jason Titcomb

Hello All,
I would like to restrict access to a folder and all it's sub-folders and
files.
Using VS2005, ASP.NET 2.0, Forms Authentication, IIS6

The web.config in the root of the site has the following in the config and
it works.
It redirects a new user to the login page just fine.
<location path="Movies.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>

The Movies.aspx renders available movies to watch depending on the
querystring.
The trouble is that if after watching the movie the user can see the url to
the movie.
If the user accesses the movie url directly it will bypass the
authentication.
I would like to have the location in the web.config specify a folder,
sub-folders and all files.

I tried creating a web.config in the Movies folder as follows.
<configuration>
<location>
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
</configuration>
It seems that the documentation said that if the location did not specify a
path it would imply all child folders.
This does not work for me.
Any help would be appreciated.
Jason
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,731
Messages
2,569,432
Members
44,835
Latest member
KetoRushACVBuy

Latest Threads

Top