Use forms authentication to protect non-aspx files?

[Ronald S. Cook]

In my ASP.NET 2.0 Web app, I want to make some files inaccessible to
unauthenticated users. Using Forms Authentication, this works fine for
..aspx pages, but not for regular old .htm pages. How do I protect these?



Thanks,

Ron

 

[Ronald S. Cook]

From what I'm finding so far, I can somehow configure IIS "ISAPI filter" to
include file types that I want to protect under forms authentication.



Does anyone know how to do this? In IIS I see the ISAPI Filters tab, but it
doesn't just ask me to list the extensions I'd want to protect. Instead it
seems to want me to browse to a dll or something.



Thanks,

Ron

 

[Erik Funkenbusch]

From what I'm finding so far, I can somehow configure IIS "ISAPI filter" to
include file types that I want to protect under forms authentication.

Actually, you want the Home Directory Tab, then click the Configuration
button.

 

[Ronald S. Cook]

Thanks Erik, but the OK button on that tab never enables.. even after I
point to that isapi DLL and type .htm in the other field. No matter what I
do the OK button is still disabled.

Thanks for any additional help.

Ron

 

[Erik Funkenbusch]

Thanks Erik, but the OK button on that tab never enables.. even after I
point to that isapi DLL and type .htm in the other field. No matter what I
do the OK button is still disabled.

Weird. It enables for me as soon as i start typing in the executable
field.