允许匿名用户浏览风格和图像文件夹 [英] Allow anonymous user to browse the Style and Images folder

问题描述

我写一个ASP.NET Web应用程序。

I am writing an ASP.NET web application.

我有，有一些CSS样式和图像上有一个登录界面。我跑到那里的风格和图像不显示的问题。我在网上看了，它说我需要我的内容文件夹内的一个web.config。我增加了以下到Web.config：

I have a login screen that has some CSS styles and images on it. I ran into an issue where the styles and images weren't displaying. I read online and it said I needed a web.config inside my Content folder. I added the following to the web.config:

<configuration>
  <system.web>
    <authorization>
      <allow users="*"/>
    </authorization>
  </system.web>
</configuration>

这似乎是我的本地机器上运行。然而，当我发布到的Inetpub在服务器上，这是行不通的。

This seemed to work on my local machine. However, when I publish to inetpub on the server, it does not work.

下面是我的文件夹结构：

Here is my folder structure:

登录/的Login.aspx - 我的登录屏幕结果
内容 - 这是我的根内容文件夹结果
内容/样式 - 这是我的CSS坐落结果
内容/图片 - 这是我的图片存储在哪里。

Login/Login.aspx - my login screen
Content - this is my root content folder
Content/Styles - this is where my CSS is housed
Content/Images - this is where my images are stored

我试图把里面的样式和图像相同的web.config以及但是这也不能工作。

I tried putting the same web.config inside Styles and Images as well but that didn't work either.

任何帮助将是AP preciated。

Any help would be appreciated.

更新：

下面是我在我的有关用户访问主要的web.config：

Here is what I have in my main web.config related to user access:

<location path="Content">
  <system.web>
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>
</location>

更新2：
这里是所有的在我的根web.config除了连接字符串信息：

Updated 2: Here is all that's in my root web.config besides connection string info:

<system.web>
<httpRuntime requestValidationMode="2.0"/>
<compilation debug="true" targetFramework="4.0"/>
<sessionState cookieless="UseCookies"/>
<authentication mode="Forms">
  <forms name="CMS" loginUrl="Login/Login.aspx" timeout="25" slidingExpiration="true"/>
</authentication>
<authorization>
  <deny users="?"/>
</authorization>
<membership>
  <providers>
    <clear/>
    <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
  </providers>
</membership>
<profile>
  <providers>
    <clear/>
    <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
  </providers>
</profile>
<roleManager enabled="false">
  <providers>
    <clear/>
    <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/"/>
    <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/"/>
  </providers>
</roleManager>
</system.web>
<location path="Content" allowOverride="false">
<system.web>
   <authorization>
     <allow users="*" />
   </authorization>
 </system.web>
</location>
<system.webServer>
  <modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>

难道还有什么东西在与用户访问这里的干扰？

Could there be something in here interfering with the user access?

推荐答案

我意识到这是一个老问题，但我有同样的烦恼，并希望这可以帮助别人。

I realize this is an old question, but I had this same trouble and hope this helps someone.

在我而言，我不得不改变在IIS中的身份验证设置的让它工作。这听起来像是发生了什么事情，一旦你把它移动到远程服务器，其中默认的配置可能会有所不同。

In my case, I had to alter the Authentication settings in IIS to let it work. This sounds like what happened once you moved it to a remote server where the default configuration may have been different.

我们拥有的 Windows身份验证模式默认被启用，但是当的的web.config 的指定的表单验证，它实际上使两者在IIS配置。

We have Windows Authentication mode enabled by default, but when the web.config specifies Forms Authentication, it will actually enable both of them on in the IIS configuration.

通过你的web.config，你有这样的事情

With your web.config, you have something like this

<system.web>
    <authentication mode="Forms">
        <forms name="CMS" loginUrl="Login/Login.aspx" timeout="25" slidingExpiration="true"/>
    </authentication>
    <authorization>
      <deny users="?"/>
    </authorization>
    <!-- ...etc... -->
</system.web>

如果您移动服务器启用了Windows身份验证，它看起来像这样在IIS

If the server you moved to has Windows Authentication enabled, it will look like this in IIS

注意这两种形式和Windows的启用，尽管你的配置只说形式。这将完成是破坏子目录让您的web.config文件。

Notice both Forms and Windows are enabled, despite your config saying only Forms. What this will do is undermine your added web.config files in the subdirectories.

当你有低于您的内容的文件夹，它似乎有与Windows发生冲突VS形式无论你放什么，它似乎没有兑现你的web.config

When you have the below in your Content folder, it appears to have a conflict with Windows vs Forms and no matter what you put, it doesn't appear to honor your web.config

<configuration>
  <system.web>
    <authorization>
      <allow users="*"/>
    </authorization>
  </system.web>
</configuration>

如果你在这个相同的情况下，一定要禁用Windows身份验证，或任何其他未使用的认证方式，如下面的图像中。您还需要确保匿名启用允许它向所有人开放。

If you are in this same situation, make sure to disable Windows Authentication, or any other unused authentication modes, like in the image below. You need to also make sure Anonymous is enabled to allow it to be open to all.

希望这可以帮助别人。

这篇关于允许匿名用户浏览风格和图像文件夹的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！