You could map HTML files in IIS admin to the aspnet handler,

or, a better way, you could utilize a helper ASPX that takes the html file's
path and simply spits it out verbatim, and since the ASPX page runs under
the Authentication routines, it would properly restrict access.

HTH


--
Eric Newton
[email]eric@ensoft-software.com[/email]
C#/ASP.net Solutions developer

"John Virgolino" <jvirgolino@consulvation.com> wrote in message
news:%23wDuFM5XDHA.2476@tk2msftngp13.phx.gbl...
> Is it possible to protect access to "regular" HTML files mixed in with
ASPX
> files. After implementing forms authentication, I was able to get right
to
> an HTML page without any problems (not what I want). I then renamed it to
> an ASPX file and it redirected to the login page (what I do want).
>
> I assume this is because there is no "intelligence" behind HTML. However,
I
> would like to use the built-in authentication capability for all types of
> pages. Any suggestions or am I missing something? I have included
portions
> of web.config below.
>
> Thanks,
> John Virgolino
>
> <location path="app">
>
> <system.web>
>
> <authorization>
>
> <deny users="?" />
>
> </authorization>
>
> </system.web>
>
> </location>
>
>
>
> <authentication mode="Forms">
>
> <forms name=".myauth" loginUrl="login.aspx" protection="All" path="/"
/>
>
> </authentication>
>
> <authorization>
>
> <deny users="?" />
>
> </authorization>
>
>