Web.config

[Maziar Aflatoun]

Hi everyone,

I have created a Web.config file that when users try to access any .aspx
file in the /protected folder redirects them to a login page. But this
doesn't work for .jpg, .zip...etc. How can I change that? Also, I don't have
access to the remote hosting IIS admin. So, it has to be done in Web.config.
Is that possible to enable authentication for .zip, .jpg...etc.

Thanks
Maz.

 

[Peter Rilling]

Forms authentication only works with files that are processed by the
aspnet_isapi.dll. As you might have guessed, images and other non-ASP.NET
files are not processed by this filter. So, to solve this problem, you
would either need to use IIS to protect the folder, or make it so that
images are processed by the ASP.NET filter. Both require changes to the IIS
box. Since you do not have access to IIS, then there is nothing that can be
done (that I know of).

 

[Tampa.NET Koder]

Not possible..for what I know

 

[vMike]

Hi everyone,

I have created a Web.config file that when users try to access any .aspx
file in the /protected folder redirects them to a login page. But this
doesn't work for .jpg, .zip...etc. How can I change that? Also, I don't have
access to the remote hosting IIS admin. So, it has to be done in Web.config.
Is that possible to enable authentication for .zip, .jpg...etc.

Thanks
Maz.

Here is one possible way at least for image file. If your images are in a
directory above you web root (make sure aspnet has rights) or in a database,
you can stream them out from a aspx file by saving to the
response.outputstream or some kind of binary write. Therefore the user must
call the aspx file to get to the image. You could probably do the same with
zip files. This may give you some ideas anyway.

Mike