We help IT Professionals succeed at work.

ASP.NET - Forms Authentication for a directory of PDF files on the web server

JosephEricDavis
JosephEricDavis used Ask the Experts™
on
I'm using forms authentication on my web server which I'm setting up in my web.config file like this...

<location path="Account">
            <system.web>
                  <authorization>
                        <deny users="?"/>
                  </authorization>
            </system.web>
      </location>

This effectively blocks all unauthenticated users from accessing any of the pages inside the Account folder.

So now I'm trying to restrict all unauthenticated users from accessing any of the PDF files inside of the directory called Attachments, which exists in the same directory as Account.  I've done this...

<location path="Attachments">
            <system.web>
                  <authorization>
                        <deny users="?"/>
                  </authorization>
            </system.web>
      </location>

But I am still able to access pdf files inside that directory as an unauthenticated user.  Is this even possible or does it only work for the web forms?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®