Hello everyone,

I am using Windows Server 2003 + VSTS 2008 + .Net 3.5 + C# + ASP.Net + IIS 6.0. I host some files (wmv video file and html file) on the web server, I want to know whether there are any easy to use authentication approach to let user input username and password before they can access (I want to prevent anonymous access)? Since the web site has also aspx ASP.Net page, and I want to use an unified authentication solution for wmv, html and aspx page. If prefer any solution which utilizes username and password stored in SQL Server database which my application already has/use.

Any ideas?

thanks in advance,
George

I don't think that's possible. It is easy for the .aspx pages. However, for the wmv files, they would use the IIS authentication, which I don't believe you can "override" to make it use a sql server based authentication. It will either use anonymous or windows authentication. I don't think it can be anything else for IIS.

now you could create an .aspx page with links to those wmv files. that would allow you to use your own authentication and still allow the files to be downloaded.

I can create an aspx page links to the wmv file, but if user find the URL of the wmv file by viewing source html code generated by aspx, the user could download directly from the URL without authentication, and this is what I want to prevent. Any comments or ideas?

I don't think that's possible. It is easy for the .aspx pages. However, for the wmv files, they would use the IIS authentication, which I don't believe you can "override" to make it use a sql server based authentication. It will either use anonymous or windows authentication. I don't think it can be anything else for IIS.

now you could create an .aspx page with links to those wmv files. that would allow you to use your own authentication and still allow the files to be downloaded.

you could use a link button with the link not actually going to the physical path. And then on the Click event of the link button, serve the file to the browser for download (http://eclipsed4utoo.com/blog/aspnet-pushing-file-browser/).

Thanks eclipsed4utoo, but how to solve the issue of authentication for html file?

you could use a link button with the link not actually going to the physical path. And then on the Click event of the link button, serve the file to the browser for download (http://eclipsed4utoo.com/blog/aspnet-pushing-file-browser/).

what do you mean by an html file? do you mean an html webpage?

Thanks eclipsed4utoo, any differences? What I mean is access control to URL like, http://server/abc/def.html Any ideas?

what do you mean by an html file? do you mean an html webpage?