Re: Locking down a directory

From: John Timney \(ASP.NET MVP\) (timneyj_at_despammed.com)
Date: 01/03/05


Date: Mon, 3 Jan 2005 22:35:24 -0000

The location tag in web.config is normally ideal for this type of thing if
your using the right approach to authentication, for something more custom
you could easily set an authentication flag in session and create an
ihttpmodule to deny or allow access at the request level based on the value
being set or not. That would save you all the code you suggest you would be
facing.

-- 
Regards
John Timney
ASP.NET MVP
Microsoft Regional Director
"Matt" <awpilotnospam@aol.com> wrote in message
news:LojCd.20109$3m6.3496@attbi_s51...
> I'm currently using my own login/session style access restriction system
for
> my application.  What I'd like to do is restrict access for a certain
> directory to registered users only.  Is there is a quick-and-easy way to
> lock this directory down without having to go to each page in the
directory
> and put:
>
> if session("userloggedin") <> "" then
>         'do something
> else
>         response.redirect("/login.aspx")
>         response.end()
> end if
>
> I've looked into Forms Authentication, but I'm not sure how to mesh it
with
> my current access restriction system.
>
> Thanks.
>
> Matt
>
>