«

I have create a Asp.net 2.0 application empsite with form authorization.

And I have create an entry in IIS application mapping:
..doc => C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_isapi.dll

I tried http://localhost/empsite/Documents/BenefitsSummary.doc on IE and it
will be redirected to login page.

However, it does't redirect to login page and the url can download the file
directly.

Did I missed any setting?

> I have create a Asp.net 2.0 application empsite with form authorization.
>
> And I have create an entry in IIS application mapping:
> .doc => C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_isapi.dll
>
> I tried http://localhost/empsite/Documents/BenefitsSummary.doc on IE and it
> will be redirected to login page.
>
> However, it does't redirect to login page and the url can download the file
> directly.
>
> Did I missed any setting?

Don't know why IIS handles FF-requests differently from IE-requests.

A different approach would be not to use direct links to your
docs/pdfs, but to use something like
download.aspx?file=BenefitsSummary.doc

This download.aspx could perform extra security checks. If everything
is OK, then it can do a Response.WriteFile() to upload the file (which
is stored in a directory outside of the website, so no direct requests
are possible) to the requesting browser.
Note: you don't want any html in the "aspx" part.

Hans Kesting