I need to make some non-asp.net managed files, such as .mp3's, only available to users who have logged in (via forms authentication).
I've read that one way to do this is to map the file type to the ASP.NET engine, but I'd rather not do that.
I'm assuming that locating the download-able files in a folder above the web's root (e.g. c:\ProtectedFiles) would be a part of the puzzle.
What I'm looking for is the easiest method for implementing this.
Oh, using ASP.NET 2.0, if that makes a difference.