保护大下载使用C＃和IIS 7 [英] Securing Large Downloads Using C# and IIS 7

问题描述

下面的设置：

运行一个C＃应用程序

• 1的Web服务器到我的用户（存储在MySQL数据库服务器的说）认证。

• 1 web server running a C# app to which my users (stored in a MySQL database on said server) authenticate.

1的文件服务器。在过去，我已经使用的lighttpd和mod_secdownload来保护文件服务器上的文件，它的效果很好（ISH）。

1 file server running software TBD. In the past I've used lighttpd and mod_secdownload to secure the files on the file servers, and it's worked well(ish).

我不知道是否有一种方法使用IIS和C＃.NET的组合来做到这一点。我的所有其他服务器正在运行的组合，这将简化事情有点如果我可以做同样的文件服务器。最厉害的是，正在举办的文件比较大。我已经看到了使用一个小的应用程序来创建一个FileStream对象，阅读文件，并手动创建HTTP响应的人的例子。这工作，但因为我的尺寸处理文件500 + MB，它是缓慢的挫折感。我会可能有300个用户击中框一次，申请文件。这是没有好。

I'm wondering if there is a way to do this using a combination of IIS and C# .Net. All my other servers are running that combo, and it would simplify things a bit if I could do the same for the file servers. The kicker is, the files that are being hosted are large. I've seen examples of people using a small app to create a FileStream object, read in the file, and create the HTTP Response by hand. This works, but since I'm working with files 500+ MB in size, it's slow as heck. And I'll potentially have 300 users hitting the box at once, requesting files. That's no good.

所以，任何人看到解决的办法？我试图创建一个更加透明的制度，如果我所有的服务器都运行相同的软件/硬件，它会让我的生活了一大堆简单。在此先感谢您的任何建议你给！

So, anyone see a way around this? I'm trying to create a more transparent system, and if all my servers are running the same software/hardware, it will make my life a whole lot simpler. Thanks in advance for any advice you give!

推荐答案

您知道吗？知识库文章是便便。这是我的官方推荐：

You know what? The KB article is poo. Here is my official recommendation:

public void StreamFile(string filePath)
{
    string fileName = Path.GetFileName(filePath);

    using (var fStream = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read))
    {
        var contentLength = fStream.Length;

        if (Request.UserAgent.Contains("MSIE"))
        {
            Response.AddHeader("Content-Transfer-Encoding", "binary");
        }

        Response.ContentType = "application/octet-stream";
        Response.AddHeader("Content-Length", contentLength.ToString());

        // Even though "Content-Disposition" should have an upper-case "d", as per http://www.ietf.org/rfc/rfc2183.txt
        // IE fails to recognize this if the "d" is upper-cased.
        Response.AddHeader("Content-disposition", "attachment; filename=" + fileName);

        var buffer = new byte[8192];

        while (Response.IsClientConnected)
        {
            var count = fStream.Read(buffer, 0, buffer.Length);
            if (count == 0)
            {
                break;
            }

            Response.OutputStream.Write(buffer, 0, count);
            Response.Flush();
        }
    }

    Response.Close();
}

这篇关于保护大下载使用C＃和IIS 7的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！