diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb
index 01d2ea890..1c02326a7 100644
--- a/app/controllers/attachments_controller.rb
+++ b/app/controllers/attachments_controller.rb
@@ -20,6 +20,8 @@ class AttachmentsController < ApplicationController
   before_filter :file_readable, :read_authorize, :only => [:show, :thumbnail]#Modified by young
   before_filter :delete_authorize, :only => :destroy
   before_filter :authorize_global, :only => :upload
+  
+  before_filter :require_login, only: [:download]
 
   accept_api_auth :show, :download, :upload