设置以使网站用户在Server中具有文件夹权限 [英] Setting to enable website users to have the folder permissions in Server
问题描述
我是IIS新手。我使用的是以下版本的软件。
IIS版本 - 7.5
Windows服务器版本-6.1
我有一个应用程序,我需要将文件保存到IIS中的特定文件夹。我将它存储在IIS中,以便我可以通过使用URL访问它(例如:www.serverprogram.com/media/file.jpg)。
我的问题是我必须授予此媒体文件夹的权限,以便它可以拥有读/写/创建文件夹/文件权限。我必须仅向应用程序用户(已成功登录该网站的用户)授予此权限,这是如何实现的?
对此,我对 ApplicationPoolIdentity 感到困惑吗?你能告诉我一个如何实现这种权限的基本想法,并且可以给我一些链接来学习对IIS中权限的基本理解。
现在我正在允许Everyone访问该文件夹,我相信这不是一个安全的解决方案。
Hi,
I am new to IIS. I am using the following version of the software.
IIS Version - 7.5
Windows Server Version- 6.1
I have an application where in I have to save the files to a particular folder in the IIS. I am storing it in IIS so that I can access that through the use of an URL (for example: www.serverprogram.com/media/file.jpg).
Here my problem is I have to give permission to this media folder so that it can have Read/Write/Create Folders/Files permission. I have to give this permission only to application users (users who has successfully login to the website), how this can be achievable?
I am quiet confused about ApplicationPoolIdentity for this? Can you one throw me a basic idea of how this permission can be achieved and can give me few links to learn the basic understanding of permissions in IIS.
Right now I am giving permission to Everyone to the folder, I am sure this is not a secured solution.
推荐答案
您可以在FTP文件夹中发布内容并使用令牌生成逻辑来访问该文件夹。
令牌生成你可以为授权用户做。
请参阅以下链接。
http://www.iis.net/learn/publish/using-the-ftp-service/using-ftp-over-ssl-in-iis-7 [ ^ ]
如果您对虚拟目录下的文件夹进行目录浏览启用,则任何知道该URL的用户都可以下载该内容。没有办法使用apppool身份或假冒来控制这个。
问候,
Maheswaran.S
You can post the content in FTP Folder and use the token generation logic to access the folder.
The token generation you can do for the authorized user.
Refer the below link.
http://www.iis.net/learn/publish/using-the-ftp-service/using-ftp-over-ssl-in-iis-7[^]
If you make directory browse enable for the folder under virtual directory any user who knows the url can download the content. There is no way to control this using apppool identity or impersonation.
Regards,
Maheswaran.S
这篇关于设置以使网站用户在Server中具有文件夹权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
