MrBliz
Reputation: 5918
Restrict downloads to authenticated users - IIS, Asp.NET MVC
I have two virtual directories under my site in IIS 7.5.
Unauthenticated users should not be allowed to access these files.
We are using ASP.NET Identity for authentication for the site if this has any bearing on the answer.
A lot of answers/googling seem to point towards using forms authentication in web.config, but As far as i know, ASP.NET Identity doesn't use this.
How would i go about doing this?
EDIT:
Some more info. These two virtual directories are set up in IIS with a specific user in the Physical Path Credentials.
Upvotes: 1
Views: 960
Answers (1)
Anibal Díaz
Reputation: 111
In your virtual directory, you need create a web.config file with this content:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web >
<appSettings>
</appSettings>
</configuration>
Upvotes: 3
Related Questions
- How to prevent download of files to unauthenticated users
- ASP.NET Identity - protecting a directory from unauthenticated users
- How can I allow logged in users be able to direct download file from an ASP.NET MVC application
- Serving static files in ASP.NET to authorized users only
- Prevent access to file(s) to secure path based downloads
- MVC Authentication on file download
- How to prevent anonymous users from accessing a file using forms authentication?
- How Can I make sure a file can be downloaded only if the user is logged in? ( no forms authentication )
- How to secure a link to be downloaded only by specific users?
- Limiting file download based on access level on asp.net