Re: Locking down a directory

From: John Timney \(ASP.NET MVP\) (
Date: 01/03/05

Date: Mon, 3 Jan 2005 22:35:24 -0000

The location tag in web.config is normally ideal for this type of thing if
your using the right approach to authentication, for something more custom
you could easily set an authentication flag in session and create an
ihttpmodule to deny or allow access at the request level based on the value
being set or not. That would save you all the code you suggest you would be

John Timney
Microsoft Regional Director
"Matt" <> wrote in message
> I'm currently using my own login/session style access restriction system
> my application.  What I'd like to do is restrict access for a certain
> directory to registered users only.  Is there is a quick-and-easy way to
> lock this directory down without having to go to each page in the
> and put:
> if session("userloggedin") <> "" then
>         'do something
> else
>         response.redirect("/login.aspx")
>         response.end()
> end if
> I've looked into Forms Authentication, but I'm not sure how to mesh it
> my current access restriction system.
> Thanks.
> Matt