是否有可能允许匿名用户从一个文件夹浏览只有几个文件 [英] Is it possible to allow anonymous user to browse only few files from a folder

问题描述

我想允许匿名用户只能浏览一些文件，如Default.aspx的，aboutus.aspx，contactus.aspx等是否有写所有这些文件的名称在一个地方的方式，否则我将不得不重复低于$ C $所有文件连连C吗？

I want to allow anonymous users to browse only few files like default.aspx, aboutus.aspx, contactus.aspx etc. Is there a way to write all these file names in one place or I will have to repeat the below code again and again for all the files?

<location path="Default.aspx">
<system.web>
  <authorization>
    <allow users="*"  />
  </authorization>
</system.web>

推荐答案

这是不可能在一个位置元素指定多个路径。我想你问做的是这样的：

It is not possible to specify multiple paths in a single location element. I think you are asking to do is something like this:

<location path="Default.aspx,aboutus.aspx,contactus,aspx">
    <system.web>
        <authorization>
            <allow users="*"  />
        </authorization>
    </system.web>
</location>

不幸的是，我不相信这是可能的。

Unfortunately, I do not believe that is possible.

您有如何做到这一点的几个选项。

You have several options for how to do this.

A）多次指定位置的元素，一个是要允许匿名访问的每个文件：

A) specify the location element multiple times, one for each file that you want to allow anonymous access:

<location path="Default.aspx">
    <system.web>
        <authorization>
            <allow users="*"  />
        </authorization>
    </system.web>
</location>
<location path="aboutus.aspx">
    <system.web>
        <authorization>
            <allow users="*"  />
        </authorization>
    </system.web>
</location>
<location path="contactus,aspx">
    <system.web>
        <authorization>
            <allow users="*"  />
        </authorization>
    </system.web>
</location>

B）把所有要允许在一个单独的目录的匿名访问的文件，如崇拜者上面提到的。

B) Put all of the files that you want to allow anonymous access to in a separate directory, as Admirer mentioned above.

C）你可以使用婉授权的文件，而不是URL授权的探索。使用文件授权，你可以直接分配的Windows ACL权限的文件。这可能是可以分配你想保护的一个Windows帐户，你要允许到其他ACL帐户的匿名访问的文件和文件。然后，您的任务是使用ASP.Net模拟映射匿名访问请求，请求在具有只对未受保护的文件访问权限的Windows帐户的安全上下文中执行，并通过身份验证的请求到Windows请求映射帐户访问所有的文件。

C) You may wan to explore using File Authorization instead of URL authorization. With File Authorization, you can assign windows ACL permissions directly to files. It might be possible to assign files you want protected to one Windows account, and files that you want to allow anonymous access to another ACL account. You task would then be to use ASP.Net impersonation to map requests from anonymous access requests to execute in the security context of the windows account that has access only to the un-protected files, and map requests from authenticated requests to the windows account that has access to all files.

我不知道你想要走这条路，因为它可能是更容易简单地位置元素多次复制，一次要暴露在匿名访问每个资源。但是，如果你想看看这个，也有一些很好的资源这里或<一个href=\"http://www.west-wind.com/weblog/posts/2005/Feb/24/Using-programmatic-Impersonation-from-an-ASPNET-Page\"相对=nofollow>这里

I am not sure you want to go down this road, since it is probably much easier simply to replicate the "location" element multiple times, once for each resource you want to expose to anonymous access. But if you do want to look into this, there are some good resources here or here

这篇关于是否有可能允许匿名用户从一个文件夹浏览只有几个文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！