1. Implement Forms Authentication and Authorization in Web.config

<system.web>
<authentication mode="Forms"/>
</system.web>

<
location path="<filename or relative path of the folder>"> <!--e.g. PublishedFiles\Category1, or PublishedFiles\Category1\file1.htm-->
    <
system.web>
       <
authorization>
            <
deny users="?"/>
           <
allow users="*"/>
       </
authorization>
    </
system.web>
</
location>

2. Ensure that there is an entry for .htm/.html in IIS Configuration.

IIS Configuration
Forms Authetication will not work if you dont have the entry for corresponding file extension in IIS configuration.