MrBliz
MrBliz

Reputation: 5918

Restrict downloads to authenticated users - IIS, Asp.NET MVC

I have two virtual directories under my site in IIS 7.5.

Unauthenticated users should not be allowed to access these files.

We are using ASP.NET Identity for authentication for the site if this has any bearing on the answer.

A lot of answers/googling seem to point towards using forms authentication in web.config, but As far as i know, ASP.NET Identity doesn't use this.

How would i go about doing this?

EDIT:

Some more info. These two virtual directories are set up in IIS with a specific user in the Physical Path Credentials.

Upvotes: 1

Views: 960

Answers (1)

Anibal Díaz
Anibal Díaz

Reputation: 111

In your virtual directory, you need create a web.config file with this content:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.web>
        <authorization>
            <deny users="?"/>
        </authorization>
    </system.web >
    <appSettings>
    </appSettings>
</configuration>

Upvotes: 3

Related Questions