视频访问Asp .Net中的安全性 [英] video Access Security in Asp .Net

问题描述

您好，



i有一个网站，其中我将有免费/付费用户，所以我只希望付费用户访问上传的视频，所以问题在于显示上传的视频如何实现安全性，以便只有付费用户才能访问这些视频。我想在弹出窗口上显示视频，这不是一个能够在弹出窗口上显示视频的问题，但问题是视频链接在检查元素内部是可见的，任何人都可以访问该视频，所以我想保护该视频unauthenticate用户。



Thnx提前。

Hello ,

i have a website in which i will have free/paid users so i want only paid users to access uploaded videos so problem here is that to display uploaded video how can i achieve security so that only paid user can access those video . and i want to display video on pop up well that is not an issue i m able to display video on popup but the problem is that video link is visible inside inspect element through which anyone can access that video so i want to protect that video from an unauthenticate users .

Thnx in advance.

推荐答案

是的，我遇到了你面临的麻烦。我将尽力通过一个例子向您解释详细信息：



- 我假设您有一个类似VideoList.aspx的页面，其中包含视频列表（包括免费和付费视频）

- 我还假设您已经创建了一个表格，其中包含用户与ROLES的信息（可能：1-付费用户.0-免费用户）



所以，我们会有案例：



案例1：当用户点击免费视频链接时，然后将它们重定向到这个视频&显示内容。这是一个简单的案例。

案例2：你遇到麻烦的情况：



- 当用户仍然没有登录系统时，点击付费视频链接，然后仍然将它们重定向到showvideo.aspx页面（如果用户付费，我们将在此页面上显示视频内容），但在此页面的后端（代码隐藏），您应该像这样检查：

+如果你记录了 - >将记录的用户信息保存到会话变量。

+在showvideo.aspx的后端，检查：if session [LoggedUserInfo] = null，然后显示你需要登录的警告信息到系统查看此内容...



- 如果用户已登录系统，请检查如下：

+如果session [LoggedUserInfo]！= null，则继续检查用户的角色（该角色也保存到会话变量）。

- >如果session [LoggedUserRole] = 1 - >这个是付费用户 - >可以查看内容。

- >如果会话[LoggedUserRole]<> 1 - >这个是免费用户 - >无法查看内容 - >显示一个消息框，例如您无法查看此内容....



如果您将我的建议应用于您的代码。我确定如果有人付费用户，复制并向朋友发送付费视频链接，那么他们就无法查看该视频，只显示您需要登录系统才能查看此内容...的警告消息或你无法查看这些内容......。



但是，如果该用户向朋友发送付费视频链接，并且还向他们提供用户帐户&密码，然后视频将显示内容给他们。我们无法处理这种情况。



希望对你有意义和帮助！

Yep, I got the trouble you're facing. I will try my best to explain detail to you by an example:

- I assume you have a page like VideoList.aspx, which contains a list of video (includes free & paid video)
- I also assume you already created a table, which contains user's info with ROLES (maybe: 1- paid user. 0- free user)

So, we will have cases:

Case 1: When user clicking to free video link, then redirecting them to this video & showing the content. This is an easy case.
Case 2: The case you're having troubles:

- When user is still not logged in to the system, clicking to paid video link, then still redirecting them to a page as showvideo.aspx (We will display the content of the video on this page if user has paid), but at the back-end of this page (code behind) you should check like this:
+ If you logged -> save logged user's info to session variable.
+ At the back-end of showvideo.aspx, check: if session["LoggedUserInfo"] = null, then showing a warning message like "You need to login to the system to view this content..."

- If the user already logged to the system, then check as follows:
+ If if session["LoggedUserInfo"] != null, then continuing to check the user's role (the role is also save to a session variable).
--> If session["LoggedUserRole"] = 1 -> this one is paid user -> can view the content.
--> If session["LoggedUserRole"] <> 1 -> this one is free user -> cannot view the content -> display a message box like "You're unable to view this content...."

If you apply my suggestion to your code. I'm sure if someone is paid user, copy and send a paid video link to friends, then they cannot view that video, just showing a warning message like "You need to login to the system to view this content..." or "You're unable to view this content....".

However, in case, this user sent paid video link to friends and also give them user account & password, then the video will be displayed the content to them. We cannot handle this case.

Hope that make sense and helpful for you!

这篇关于视频访问Asp .Net中的安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！