How to deny anonymous users to virtual directory
Solution 1
Here:
<?xml version="1.0"?>
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" />
</authentication>
<authorization>
<deny users="?" />
<allow users="*"/>
</authorization>
</system.web>
</configuration>
The <deny users="?"/>
will deny anonymous users while <allow users="*"/> will allow all authenticated users
reference : Setting authorization rules for a particular page or folder in web.config
Solution 2
Click on your virtual directory under the IIS you have Authentication click on it and there you will be able to see Anonymous authentication disable it.
goalie35
Updated on June 04, 2022Comments
-
goalie35 almost 2 years
How can I deny access to my virtual directory, to those who havent logged into my asp.net website yet?
I've hooked my website up to a virtual directory setup on my server (using IIS 7). The VD contains pdf files, that I want only logged in users to be able to access. My problem however, is I can't seem to "deny" anonymous users from accessing the files either. Currently, if I type the direct path to a pdf file within my virtual directory, I can access it, even if I'm not logged into my site.
I have a web.config file setup in the root of my virtual directory, which looks like this:
<?xml version="1.0"?> <configuration> <system.web> <authentication mode="Forms"> <forms loginUrl="Login.aspx" /> </authentication> <authorization> <deny users="?" /> </authorization> </system.web> </configuration>Any idea how to fix this?
Thanks