PWD protecting access to Word Docs via ASP and/or IIS?

[darrel]

I have a section of our site that I'm putting behind a password.

The template checks to see if a cookie was set, if not, it sends you to the
login page, where you enter in the pwd, and it sets the cookie allowing you
to then see the template page.

The template page sets a variable that each of the included content pages
then check for before loading.

So, as it's set up, you can not access the main template page nor any of the
content pages without the password. So far so good.

The catch is that each of these pages link to folders that contain several
documents. Is there a way to protect people from accessing these documents
(Word, PDF, etc.) from anywhere except one of the main content pages? Either
via ASP or a setting in IIS?

I set the entire folder up as an application which would protect the root
folder if I used ASP.NET, however, these pages contain a lot of legacy ASP
code, so I'd prefer to leave everything in ASP if at all possible for the
time being.

I know with apache you can block files from being loaded unless they are
called from a link on that same domain. Is there anyway to do that with IIS
and/or ASP?

-Darrel

 

[darrel]

Aw crap. Sorry. Posted this in the .net forum when I meant to put it in the
asp forum. Sorry 'bout that!