I am using .net2.0 and IIS6.
When using .net Forms Authentication: How to limit access to resources like pdf files to authenticated users only; so in order to access a file say mysite.com/mydoc.pdf they would have to be authenticated first (go through the login page)
It seems that by default only the .aspx pages are protected. E.g. to include the .html, I had to follow the steps described here.
EDIT
Thanks guys for very quick replies, the answer by Keltex worked perfectly for me as I needed a quick fix for a demo system.
Other answers are very interesting as well and they will be useful when dealing with the production system.
You are more then welcome to post other answers
You have to configure IIS to process wildcard extensions. Thus .pdf & .html extensions will be authenticated. Here’s how for IIS6:
http://professionalaspnet.com/archive/2007/07/27/Configure-IIS-for-Wildcard-Extensions-in-ASP.NET.aspx