> Hello All,
> I would like to restrict access to a folder and all it's sub-folders
> and
> files.
> Using VS2005, ASP.NET 2.0, Forms Authentication, IIS6
> The web.config in the root of the site has the following in the config
> and
> it works.
> It redirects a new user to the login page just fine.
> <location path="Movies.aspx">
> <system.web>
> <authorization>
> <deny users="?"/>
> </authorization>
> </system.web>
> </location>
> The Movies.aspx renders available movies to watch depending on the
> querystring.
> The trouble is that if after watching the movie the user can see the
> url to
> the movie.
> If the user accesses the movie url directly it will bypass the
> authentication.
> I would like to have the location in the web.config specify a folder,
> sub-folders and all files.
> I tried creating a web.config in the Movies folder as follows.
> <configuration>
> <location>
> <system.web>
> <authorization>
> <allow users="?"/>
> </authorization>
> </system.web>
> </location>
> </configuration>
> It seems that the documentation said that if the location did not
> specify a
> path it would imply all child folders.
> This does not work for me.
> Any help would be appreciated.
> Jason