Make folder only accessible for logged-in users on IIS7

Make folder only accessible for logged-in users on IIS7 References I have a subfolder on my webpage with pdf-files. They should only be accessed if the user is logged in, the login-information is accessed via Microsoft CRM and a variable is stored in cache. Code is written in vb.net, webserver is IIS7. How can I prevent access to this folder for not logged-in users? I have been searching for a solution but haven\'t found one that works with the CRM-login. I have also been looking into url rewriting, so that the user can\'t see the direct path to the file (www.abc.com/download/test.pdf) but instead will only see a non-desciptive url (www.abc.com/pdf). But haven\'t gotten that to work either. So I\'m open to pretty much any suggestions, but I can\'t replicate the whole userbase or want to setup a sql-database just for this purpose. Nicholas answer works with this additions: Using fs As New FileStream(\"C:\\www\\pdf\\abc.pdf\", FileMode.Open) Dim docSize As Long = fs.Length Dim docStream(CInt(docSize)) As Byte fs.Read(docStream, 0, CInt(docSize)) Response.ClearContent() Response.ContentType = \"application/pdf\" Response.AddHeader(\"Content-Disposition\", \"inline; filename=/_data/checkliste-4-2013-2.pdf\") Response.AddHeader(\"Content-Length\", docSize.ToString()) Response.BinaryWrite(docStream) Response.End() End Using