File Access only via my ASP.NET App not directly in browser?

Question

I'd like to save images in a directory on my Disk in Windows Server 2003 in a Subfolder out of my webroot. mydomain.com/myfolder

I'll upload images there for example test.jpg, which I'd like to show using ASP.NET, well this works, and If I try to browse the path "mydomain.com/myfolder" there is shown Access Denied.

My problem is, if I type "mydomain.com/myfolder/test.jpg" the picture is shown, but I'd like to show them only via my ASP.NET App.

Can I manage this using the Windows Server permissions without using the Active Directory Authentication Mode?

I tried for example to left only the NETWORK SERVICE put then also my .NET app didn't show the image anymore.

Any idea?

Thanks in advance Johannes

Answer 1

You can use Wildcard Application Mappings to map all requests (.*) to aspnet_isapi.dll. Then you can control all requests by ASP.NET. You can write e.g. HttpModule, that will handle showing your image.

In IIS7 you can use attribute

runAllManagedModulesForAllRequests="true"

in web.config in element:

<system.webServer><modules>