Authentication means figuring out who you are and Authorization means figuring out what you can do. Both are fundamental parts of the ASP.NET Security Model.
- Open IIS Manager (Start/Run, type inetmgr and Enter)
- From the left-side tree view, select the web application you want to change the mappings for
- Right-click on the web application and select Properties
- Swirch to Home Directory Tab and click Configuration
- On the Mappings tab, click Add and enter the extension (one of .js, .css, .jpeg) and ASP.NET ISAPI DLL path for Executable. You can copy/paste the complete path to the ISAPI DLL from any other mapping, .aspx, for example.
- Repeat the above step for other file extensios too, if required
- Click OK thrice
Once done, requests to non-ASP.NET resources will also be subjected to ASP.NET authentication. The downside of this approach however is that it negatively impacts the performance of the web application because ASP.NET has to authenticate additional resource requests.
Be sure to visit the subpages for more information on specific kinds of authorization like Forms, Windows, Passport, Basic, and custom. This is just the start!