ASP.NET授权继承规则 [英] ASP.NET Authorization inherits rules
问题描述
我试图保护(子)目录在我的ASP.NET网站,其中包含的文件(视频,文档等),所以我创建了一个Web.config文件:
I am trying to protect a (sub)directory in my ASP.NET website that contains files (Videos, documents etc.) So I created a Web.config file:
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<deny users="?"/>
<allow roles="Administrator"/>
<allow roles="Author"/>
<allow roles="Report"/>
</authorization>
</system.web>
</configuration>
这些角色对应与那些在我的数据库中的asp.net角色表中定义。
These roles correspond with those defined in the asp.net roles table in my database.
我打开了IIS7检查授权规则在那里,他们是。但也有被设置为允许所有用户2继承的规则。这些规则似乎忽略我的规则去设定Web.config文件。我不能删除这些继承的规则。
I opened up IIS7 to check if the authorization rules were there and they were. But there were also 2 inherited rules that are set to "Allow all users". These rules seem to override my rules set in de Web.config. I can't delete these inherited rules.
有没有什么方法来禁用这些继承的授权规则,只为我的子文件夹?
Is there any way to disable these inherited authorization rules, only for my subfolder?
在此先感谢!
推荐答案
在你的根目录下的web.config尝试以下
In web.config of your root directory try following
<location path="MySite/SubDirectory" allowOverride="false">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
这篇关于ASP.NET授权继承规则的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!