Can I deny ASP.NET anonymous access to all files? | ansaurus

tags:

views:

61

answers:

3

Q:

Can I deny ASP.NET anonymous access to all files?

My hypothetical website doesn't allow anonymous access and uses Forms Authentication. So the initial request for www.example.com/SomePage.aspx is redirected to www.example.com/Login.aspx?ReturnUrl=SomePage.aspx.

However users can still access URLs that aren't served by ASP.NET, e.g.: www.example.com/Images/AnImage.jpg or www.example.com/TextFile.txt.

Is it possible to deny anonymous access to these files and use the same Forms Authentication?

+1 A:

Yes - You must register ASP.NET for every file (.*) extension. this you have to configurate in ISS.

Arthur 2009-10-02 16:18:19

I was specifically trying to avoid this as I would then need to implement a custom handler in ASP.NET to serve the request.

batwad 2009-10-05 15:23:28

+1 A:

You can use IIS Extention Mapping. For More information click IIS Extention Mapping

Neil 2009-10-02 16:25:13

I still want IIS to serve the request, just check the ASP.NET session. I don't want to re-map everything to ASP.NET.

batwad 2009-10-05 15:26:31

You do not have to re map everything to ASP .Net. But you need to map only those extention which you need to use for forms authentication. For More info see this link http://weblogs.asp.net/scottgu/archive/2007/03/04/tip-trick-integrating-asp-net-security-with-classic-asp-and-non-asp-net-urls.aspx

Neil 2009-10-05 16:55:59

A:

There are some ways that will help you solve this problem : Permission under IIS

Braveyard 2009-10-02 16:28:15

related questions

Is it better to create Model classes, or just stick with generic database utility class?

What are effective options for embedding video in an ASP.NET web site?

Visual Studio 2008 debugger already attached work-around

Tracking state using ASP.NET AJAX / ICallbackEventHandler

ASP.NET Display SVN Revision Number

ASP.NET URL Rewriting

How can I change the background of a masterpage from the code behind of a content page?

Easy way to AJAX WebControls

How do I define custom web.config sections with potential child elements and attributes for the properties?

ASP.NET MVC "CRUD" Database Sample

Are Multiple DataContext classes ever appropriate?

How to RedirectToAction in ASP.NET MVC without losing request data

Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?

ASP.NET built in user profile, Vs old stile user class/tables

What's a good book for learning ASP?

Bandwith throttling in IIS 6 by IP Address

ASP .Net Custom Client-Side Validation

How to get the value of built, encoded ViewState?

Decent, simple, GIS/mapping component for ASP.NET?

Checklist for IIS 6/ASP.NET Windows Authentication?

How to write to Web.Config in Medium Trust ?

ASP.NET, Visual Studio and Subversion - how to integrate?

Floating Point Number parsing: Is there a Catch All algorithm?

How do I sync the SVN revision number with my ASP.NET web site?

ASP.NET Site Maps