如何在ASP .NET中保护文件夹 [英] How to protect a folder in ASP .NET
问题描述
嗨
如何保护Web目录中的文件夹.该文件夹包含许多类型的文件,主要是pdf,我想限制匿名用户访问这些文件,这可以通过在url中输入文件名和路径来实现.
非常感谢,
Dinesh
要通过在Web服务器上出现的URL中键入文件名和路径来访问文件,需要执行以下操作:
1)用户必须知道文件名.
2)用户必须知道您的网站应用程序文件夹的目录结构.
不了解这两件事,几乎所有匿名"用户都无法访问您的Web服务器上的文件.
IIS中默认禁用了名为目录列表的任何内容,托管于该网站上的任何网站.如果启用此选项,则任何用户都可以看到您网站的目录结构,从而可以访问网站上的资源.
因此,我对您的问题的建议非常简单-将此选项保持 disabled .
您可以在Google上搜索"IIS目录列表",以获取关于IIS目录列表的详细信息.
希望这会有所帮助!
尝试此链接
链接[^ ]
<在web.config中,您可以为用户定义身份验证.在以下部分中,仅允许您进行身份验证并拒绝其他人.
<authorization>
<allow users="dinesh_ahuja"/>
<deny users="*"/>
</authorization>
还有一个< location>标签,您可以在< configuration>中使用该标签指定由该标签包装的设置所指向的特定文件或目录.部分.
实际上,该机制并非易事.您可能会探索很多与此相关的内容.
Hi
How can i protect a folder which is in a web directory. The folder contains many type of files mostly pdf and i want to restrict a anonymous user to access these files which can be done by typing file name along with path in url.
Many Thanks,
Dinesh
To access a file by typing file name along with path in url present on a web server following things are needed:
1) User must know the name of the file.
2) User must know the directory structure of your website application folder.
Without knowing these two things it is nearly impossible for any "anonymous" user to access file on your web server.
There is something called Directory Listing which is disabled by default in IIS for any website hosted on it. If this option is enabled, any user can see the directory structure of your website and thus may access resources on it.
So, my suggestion for your issue is very simple - keep this option disabled.
You may search Google for "IIS directory listing" for detail information on the same.
Hope this helps!
try this Link
Link [^]
in web.config you can define the authentication for users. In the following section only for you allow the authentication and deny for others.
<authorization> <allow users="dinesh_ahuja"/> <deny users="*"/> </authorization>
There is also a <location> tag that you can use to specify a particular file or directory to which settings wrapped by that tag, within the <configuration> section.
Actually that mechanism is not an easy step to work on. You may explore a lot related to that.
这篇关于如何在ASP .NET中保护文件夹的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
