Asp.Net MVC5 - Static Html Files Authentication?

Senthil S R 0 Reputation points
2023-10-03T15:33:22.3133333+00:00

Hi,

I am working on Asp.Net MVC5 (.Net Framework 4.8 & C#) web application. The application is hosted in azure app service.

The project solution has a "Help" folder, and the contents of the help folder is static files only i.e., html files. Also, have supporting files like CSS & JS etc. ... for applying designs in html.

Folder structure – 

Help folder contains a folder and a web.config file; and the folder name is Main.

Main folder contains a folder only; and the folder name is “MyModuleName”.

The “MyModuleName” folder contains html files and other supporting files. But all are static files only. Here also you couldn’t find the web.config file.

Note – the Help folder and its contents were provided by client and the folder contains too many files.

Application flow – 

User first need to login with Azure AD account, then after only the user can see the help icon too.

Initially we got the error while clicking the help icon as the route config blocked the static files. To fix that, I added below line at Help/web.config file, then it is working fine –

<add name="StaticFile" path="*" verb="*" modules="StaticFileModule" preCondition="integratedMode" resourceType="File" requireAccess="Read" />

The issue

The issue is the help URLs / HTMLs are accessible without login too. But as per the requirement, the help files should be accessed only logged in users. Role / Authorization is not a matter, but Authentication is mandatory.

Could you please provide few guidance to resolve this?

	Thanks in advance.
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,059 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. AgaveJoe 1,500 Reputation points
    2023-10-03T15:47:20.5966667+00:00

    Store the files outside the application directory. Craft an MVC action to return the file stream. Example of returning an image file.

    public FileResult GetTele()
{
    byte[] fileBuffer = System.IO.File.ReadAllBytes(Server.MapPath("~/images/tele.jpg"));
    return File(fileBuffer, "image/jpg");
}

    You need to adjust the code to return whatever file types you have. You'll also add an input parameter to fetch the correct file.

  2. Bruce (SqlWork.com) 48,711 Reputation points
    2023-10-03T21:55:26.38+00:00

    there is no builtin support in mvc. the easiest approach is implement a IHttpHandler and map your help files. in the handler if authenticated return the file content, if not return 401 or redirect to login page.

    if you are using IIS forms or windows authentication, then IIS can do the permission check. see:

    https://learn.microsoft.com/en-us/troubleshoot/developer/webapps/aspnet/www-authentication-authorization/authorization-permissions

    0 comments