Reputation: 5918
I have two virtual directories under my site in IIS 7.5.
Unauthenticated users should not be allowed to access these files.
We are using ASP.NET Identity for authentication for the site if this has any bearing on the answer.
A lot of answers/googling seem to point towards using forms authentication in web.config, but As far as i know, ASP.NET Identity doesn't use this.
How would i go about doing this?
EDIT:
Some more info. These two virtual directories are set up in IIS with a specific user in the Physical Path Credentials.
Upvotes: 1
Views: 960
Reputation: 111
In your virtual directory, you need create a web.config file with this content:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web >
<appSettings>
</appSettings>
</configuration>
Upvotes: 3