Prevent a file (pdf) from being served in asp.net

Question

I\'ve got a legacy flash app (no access to the source) that when it completes it opens a pdf in a new window automatically.

Is there some way to prevent this one file at

Answer 1

You can drop a web.config in that folder which will prevent the files from being accessed unless they are in a specific role:

If you only want to lock down that specific file you can wrap that with

This will likely require you to add the following handler to your root web.config in the "handlers" section, as usually IIS will serve up the file before ASP.NET touches it. This will make PDFs go through ASP.NET which can then handle the Role restrictions from above: