• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 515
  • Last Modified:

Secure PDF files in Asp.net

Hi
We are using forms authentication in .net to restrict access to tthe site.  We also need to restrict access to a directory containing PDF files.

I have done the following
Added the web.config file in the attached code snippet to this directory
In the mappings section of IIS app configuration I have added .pdf as an application extension.
restarted iis

However what happens is this.

When clicking on a link to one of the secured pdf files, we are redirected to the login page which is what I want to happen.

However, once logged in, the links to the pdf files cause a 'cannot display page' error in ie.

So the files are being secured but they can no longer be displayed even when logged in

Anyone any ideas

Wing
<?xml version="1.0" encoding="utf-8"?>
<configuration>
	<system.web>
		<authorization>
			<deny users="?" />
		</authorization>
	</system.web>
</configuration>

Open in new window

0
WingYip
Asked:
WingYip
1 Solution
 
devlab2012Commented:
add a line <allow users="*" /> in authorization section
0
 
mortimer452Commented:
I think the Deny users="?" is denying everyone -- you need an allow list in there somewhere.
0
 
WingYipAuthor Commented:
Thanks

That did it
0

Featured Post

Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now