Avatar of JosephEricDavis
JosephEricDavis
 asked on

ASP.NET - Forms Authentication for a directory of PDF files on the web server

I'm using forms authentication on my web server which I'm setting up in my web.config file like this...

<location path="Account">
            <system.web>
                  <authorization>
                        <deny users="?"/>
                  </authorization>
            </system.web>
      </location>

This effectively blocks all unauthenticated users from accessing any of the pages inside the Account folder.

So now I'm trying to restrict all unauthenticated users from accessing any of the PDF files inside of the directory called Attachments, which exists in the same directory as Account.  I've done this...

<location path="Attachments">
            <system.web>
                  <authorization>
                        <deny users="?"/>
                  </authorization>
            </system.web>
      </location>

But I am still able to access pdf files inside that directory as an unauthenticated user.  Is this even possible or does it only work for the web forms?
ASP.NETC#.NET Programming

Avatar of undefined
Last Comment
disrupt

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
disrupt

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23