I have been googing around on this for hours and days and I know it must be simple.
The closest I got was to protect the folder, but after setting up this web.config file, individual files inside the directory could still be viewed by a browser. I don't need hard core authorization, just a simple user name and password in the web.config file.
I have www.site.com . I want the whole thing available, except direct BA (www.site.com/BA ) because in BA are a couple ASP files that can edit other files on the site. So in BA directory I have index.asp editname.asp editdate.asp ETC With some of the instruction I have seen on the web, I was able to create a login situation if someone typed in their browser www.site.com/BA , but if they typed www.site.com/BA/editname.asp they would be able to open that file. I beleive a simple web.config file should be able to set this up.
Also, for login.asp, is that a built in function or must that file be built. Is there anyway just to have the browser pop up it's user name and password authentication pop-up screen. I am embarrased that I haven't been able to figure this out. But after many days of trying on my own I am begging for help. It seems like a simple problem to solve.
Thanks in advance to anyone who can help me out.