You are creating a Web application that will run on an intranet. The Web application reads comma-delimited text files. The text files reside in a subdirectory below the Web application's root directory. Users must not be able to navigate directly to these files in a Web browser unless they are members of the Accounting role. You need to write an ASP.NET HTTP handler that will use the FileAuthorizationModule class. Which form of authentication should you use?（）