securing documents in IIS6

Question

User-225121172 posted

I have a directory within my applicaiton called Docs. The docs folder has bunch of documents like docA.pdf, docB.pdf and so on. If i goto the properties of that document and set the file security to "Enable Anonymous Access", then any user without authentication can view the document by typing this in the address bar http://test.com/Docs/docA.pdf. If i disable anonymous access, then it prompts for authentication. The problem is i am using custom membership provider and how can i configure IIS to use that membership provider. I can see options for "Integrated Windows Authentication", "Basic Authentication" and so on. But this will not help users authenticate against my custom membership provider.

 Thanks in advance.

Answer 1

User-823196590 posted

The problem is i am using custom membership provider and how can i configure IIS to use that membership provider.

You can't, IIS 6 does not work that way.   Are you talking about ASP.NET?  If so, see:
http://support.microsoft.com/default.aspx?id=893662
http://weblogs.asp.net/scottgu/archive/2007/03/04/tip-trick-integrating-asp-net-security-with-classic-asp-and-non-asp-net-urls.aspx

Answer 2

User-225121172 posted

So how do i secure the documents then? There should be someway os securing the document. right?

Answer 3

User-823196590 posted

Of course.  We just covered two ways, IIS authentication and ASP.NET membership.

If I knew more about your custom authentication scheme I might be able to offer a suggestion ...