Is there a way to get URI based access control directly in IIS that works with static content, ASP, WCF services and anything else that comes in looking something like an HTTP request?
Particularly I want the access control to be a bullet proof as possible preferably making the decision before IIS even tries to figure out what to service the request with.
- This link sort of hints that this can't be done but it's old and I'd be very surprised if what I'm looking for doesn't exist.
- This link has a few other options (and a less "aggressive" community)
An ideal solution would be able to declare that everything (static and dynamic content) under a given URL (for example https://dns.name/some/path/*) needs a login and the user must be in some group. Also, I'd rather set it up with a username/passord file (at least for now) rather than AD or some windows account system.
In short I want access control and I don't want to be writing code to get it.
This seems related but I'm not sure it's quite the same.