带身份验证的aspnet静态文件访问 [英] aspnet static file access with authentication
问题描述
在我的应用程序文件夹中,我有虚拟应用程序 QA.有一个文件夹帮助",其中包含 html 和其他静态文件.QA 正在使用表单身份验证.
帮助文件夹中的所有文件无需身份验证即可访问(例如,www.mypage.com/QA/help/test.html).我需要更改此设置,以便如果用户访问帮助文件夹中的文件(html 文件或任何其他静态文件),则用户将重定向到登录页面.我在谷歌上搜索,我发现的唯一一件事是,这是静态文件处理和映射到 asp 的东西.我使用的是 IIS 6.
我尝试添加这样的行
<代码><添加 name="StaticHandler" type="System.Web.StaticFileHandler" path="*.html" verb="*" validate="true"/>
到我的 web.config(在 QA 文件夹中),但它没有帮助.实际上,我不明白这一行,而且我也是 web.config 文件管理的新手.我还尝试将帮助文件夹中的所有静态文件放入 QA,但也无济于事.
确保您已将配置文件添加到包含静态文件的目录中,您希望这些静态文件不受匿名用户的影响(这意味着您将有第二个您尝试保护的目录中的 web.config 文件).这将拒绝任何匿名用户(这就是这样做的).
<预><代码><配置><appSettings/><connectionStrings/><system.web><授权><deny users="?"/></授权></system.web></配置>IIS 在 ASP.net 管道之外为您的静态文件提供服务.除了添加你已经添加的声明 System.Web.StaticFileHandler 你需要在 IIS 中映射扩展.为了确保您的 .htm 或 .html 文件通过 ASP.net 并因此通过身份验证.
在您的根 web .config 文件中添加
<httpHandlers><add path="*.html" verb="*" type="System.Web.StaticFileHandler"/></httpHandlers> 然后你需要在 IIS 中执行一些操作.这些说明适用于 IIS 6.0
- 打开 IIS 管理器
- 右键单击您的网站并选择属性
- 单击主目录 -> 配置(显示应用程序扩展等).您将需要来自已被 asp.net 使用的映射扩展的路径.获得它的最好方法是在列表中找到一个已经映射的 asp.net 扩展名,如 .aspx 或 .ascx,单击编辑并复制可执行路径.路径应以 aspnet_isapi.dll 结尾.
- 点击添加
- 粘贴之前的可执行路径和扩展名(在您的情况下为 .html).
- 对您希望由 ASP.net 运行时处理的任何其他文件类型重复此过程.
In my application folder I have virtual application QA. There is a folder "help" which contains html and other static files. QA is using form authentication.
All files in help folder are accessible without authentication (for example, www.mypage.com/QA/help/test.html). I need to change this so that if user acces files in help folder (html files or any other static files) then user is redirecet to login page. I was googling and the ony thing I have found is that this is something with Static file handling and mapping to asp. I am using IIS 6.
I have tried to add line like this
< add name="StaticHandler" type="System.Web.StaticFileHandler" path="*.html" verb="*" validate="true" />
to my web.config (that is in QA folder), but it doesn't help. Actually, I do not understand this line and also I am new to web.config file administrating. I also tried to put all static files from help folder into QA, but it also doesn't help.
Make sure you have added a config file to the directory that contains your static files that you want protected from anonymous users like so (this means you will have a second web.config file in the directory you are trying to protect). Which will deny any anonymous users (that is what the does).
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
IIS is serving your static files outside of the ASP.net pipeline. Besides adding the declaration you have added System.Web.StaticFileHandler you need to map the extension in IIS. In order to ensure that your .htm or .html files are passed through ASP.net and therefore authenticated.
In your root web .config file add
<system.web>
<httpHandlers>
<add path="*.html" verb="*" type="System.Web.StaticFileHandler" />
</httpHandlers>
Then you need to perform some operation in IIS. These directions apply to IIS 6.0
- Open IIS Manager
- Right click on your website and select properties
- Click Home Directory -> Configuration (displays application extensions etc). You will need the path from a mapped extension already in use by asp.net. The best way to get this is to find an already mapped asp.net extension in the list like .aspx or.ascx, click Edit and copy the Executable path. The path should end in aspnet_isapi.dll.
- Click Add
- Paste in the previous executable path and the extension (in your case .html).
- Repeat this process for any other file types you want handled by the ASP.net runtime.
这篇关于带身份验证的aspnet静态文件访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
