Deny anonymous access to word doc in the website

2018-06-19 20:19:52

I have hosted a asp.net (framework 4.0) website in a webserver. I'm using forms authentication in that. I have a folder in the webserver called 'ProfileData'.

<location path="ProfileData">
    <system.web>
      <authorization>
        <deny users="?"/>
      </authorization>
    </system.web>
  </location>

So its denied anonymous access. and while i'm trying to access like,

www.mywebsite.com/ProfileData, then its redirecting to login page. But my issue is, when i'm trying

www.mywebsite.com/ProfileData/sample.docx, the word file is automatically downloading to the machine even if its a anonymous user.

How can i overcome this... please help me..

Thanks in advance...

Mahesh

As you experineced the xml only works for html/aspx files. You have to implement a httphandler, sample can be found here:

http://www.codeproject.com/Articles/39158/Protect-Files-and-Folders-Using-HttpHandlers-in-AS

链接地址: http://www.djcxy.com/p/55856.html

上一篇: ASP.NET按页面授权

下一篇: 拒绝匿名访问网站上的文档