• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 517
  • Last Modified:

Secure PDF files in Asp.net

We are using forms authentication in .net to restrict access to tthe site.  We also need to restrict access to a directory containing PDF files.

I have done the following
Added the web.config file in the attached code snippet to this directory
In the mappings section of IIS app configuration I have added .pdf as an application extension.
restarted iis

However what happens is this.

When clicking on a link to one of the secured pdf files, we are redirected to the login page which is what I want to happen.

However, once logged in, the links to the pdf files cause a 'cannot display page' error in ie.

So the files are being secured but they can no longer be displayed even when logged in

Anyone any ideas

<?xml version="1.0" encoding="utf-8"?>
			<deny users="?" />

Open in new window

1 Solution
add a line <allow users="*" /> in authorization section
I think the Deny users="?" is denying everyone -- you need an allow list in there somewhere.
WingYipAuthor Commented:

That did it
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now