My complete ASP.Net application pages are divided into two directories.Lets say A & B.I have enforced integrated windows authentication (at IIS level) on directory A to secure or password protect each page in the directory. I have not opted for session authentication for each page as pages are very large in no. and also some of the pages are .doc,.pdf & .html which cannot be protected through session.

Pages of directory B have links after you access directory A pages. Now once you are authenticated for the directory A pages you should not be asked for any credentials for switching to directory B pages.But when any page of directory B is accessed directly mentioning the URL without accessing any directory A page then person should be asked for authentication.

In a nutshell how can we bypass the integrated windows authentication asking for credentials in case of directory B.Is there any mechanism we can supply credentials internally for directory B pages or somehow we could suppress the credential window.I do not want to supply the credentials again once given for directory A pages.

Any help will be greatly appreciated. If there is some out of box solution that will also be great.


deepak