Hi everyone...
Me again
Ok, I have an ASP.NET app configured, and can only be accessed with a username/password (using forms authentication with a database).
Inside the app directory, there is a subdirectory that I keep files that users can select off of the menu driven app. My concern is people can access this subdirectory if they know the path, by passing the login page. In this directory may be PDF, HTM, DOC, etc types of files.
How can I protect it so that only authenticated users can access that directory?? I tried putting a web.config file, but I don't think that is working (I could have the setup wrong in it) but I thought that would only protect .ASPX pages.
Thanks!
Chris
Me again
Ok, I have an ASP.NET app configured, and can only be accessed with a username/password (using forms authentication with a database).
Inside the app directory, there is a subdirectory that I keep files that users can select off of the menu driven app. My concern is people can access this subdirectory if they know the path, by passing the login page. In this directory may be PDF, HTM, DOC, etc types of files.
How can I protect it so that only authenticated users can access that directory?? I tried putting a web.config file, but I don't think that is working (I could have the setup wrong in it) but I thought that would only protect .ASPX pages.
Thanks!
Chris