Hi I have a couple of questions about restricting access to certain folders and files within those folders. 1. I am building an ASP.NET 3.5 subscription application for a journal I produce. As well as the print version subscribers can also view the journal electronically. All subscribers will have a membership profile so can login and I can make the necessary trivial changes to the webconfig file in the particular folder I'm interested in protecting. However, some subscribers would like to access the material from certain IP ranges. Does anyone have any ideas on how I can implement IP-based authentication in PARALLEL with the built-in membership approach for the same folder (and sub-folders)? 2.On the same site subscribers will also be able to download a small selection of eBooks for an additional fee. Assuming all the eBook files are in the same folder is there a way to temporarily allow a user to only access some of the files in that folder (rather than all of them). One approach I thought of was to create a temporary folder with the individual files in it, whenever a subscribers ordered an ebook... and then delete the folder a few days later... but I'm hoping there is a neater way to achieve the same goal. Thanks in advance for sharing your ideas. Kurt
In case anyone is interested I think I have stumbled across the perfect article that can help answer both my questions. http://www.codeproject.com/KB/aspnet/http-module-ip-security.aspx i.e., the key is to create an HttpModule (which can do a lot more than just implement my particular function needs). Below is the VB version of the code in the article:
