如何测试虚拟目录的用户权限?
[英]How to test user permissions for virtual directory?
问题描述
Within a HttpModule, following a url rewrite, I'm am testing user permissions to a to a virtual path situated within my application using: 
在HttpModule中,在url重写之后,我正在使用以下方法测试对应用程序中的虚拟路径的用户权限:
// Since we are now rewriting the path we need to check again that the
// current user has access to the rewritten path.
// Get the user for the current request
// If the user is anonymous or authentication doesn't work for this suffix
// avoid a NullReferenceException in the UrlAuthorizationModule by creating
// a generic identity.
string virtualCachedPath = cache.GetVirtualCachedPath();
IPrincipal user = context.User ?? new GenericPrincipal(
new GenericIdentity(string.Empty, string.Empty), new string[0]);
// Do we have permission to call
// UrlAuthorizationModule.CheckUrlAccessForPrincipal?
PermissionSet permission = new PermissionSet(PermissionState.None);
permission.AddPermission(
new AspNetHostingPermission(AspNetHostingPermissionLevel.Unrestricted));
bool hasPermission =
permission.IsSubsetOf(AppDomain.CurrentDomain.PermissionSet);
bool isAllowed = true;
// Run the rewritten path past the auth system again, using the result as
// the default "AllowAccess" value
if (hasPermission && !context.SkipAuthorization)
{
isAllowed = UrlAuthorizationModule.CheckUrlAccessForPrincipal(
virtualCachedPath, user, "GET");
}
Where virtualCachedPath is any virtual path eg ~/app_data/cache situated with the root of the application. 其中virtualCachedPath是任何虚拟路径,例如位于应用程序根目录的~/app_data/cache 。
http://msdn.microsoft.com/en-us/library/system.web.security.urlauthorizationmodule.checkurlaccessforprincipal(v=vs.110).aspx http://msdn.microsoft.com/en-us/library/system.web.security.urlauthorizationmodule.checkurlaccessforprincipal(v=vs.110).aspx
This however, will throw an ArgumentException though if tested against an external virtual directory. 但是,如果针对外部虚拟目录进行测试,则会抛出ArgumentException 。
[ArgumentException: Virtual path outside of the current application is not supported.
Eg 例如
What is the correct method to check user permission to a virtual directory? 检查用户对虚拟目录的权限的正确方法是什么?
1 个解决方案
解决方案1
2 已采纳 2014-07-26 05:53:12
I am able to successfully use the UrlAuthorizationModule.CheckUrlAccessForPrincipal method to check for access to files that reside in an external directory, which is mapped as a virtual directory, when the path that is passed to CheckUrlAccessForPrincipal is a relative, URL formatted path ("~/PATH"). 我能够成功使用UrlAuthorizationModule.CheckUrlAccessForPrincipal方法来检查驻留在外部目录中的文件的访问权限,当传递给CheckUrlAccessForPrincipal的路径是相对的URL格式的路径时,该文件被映射为虚拟目录(“〜 /路径”)。 If instead I pass the physical path using file system conventions ("C:\\PATH\\"), I get the ArgumentException that you describe. 如果我使用文件系统约定(“C:\\ PATH \\”)传递物理路径,我会得到您描述的ArgumentException 。
So I suspect that the virtualCachedPath may actually be a file system formatted path, at least in the instances that the exception is being raised. 所以我怀疑virtualCachedPath实际上可能是文件系统格式化的路径,至少在引发异常的实例中。 I would recommend that you implement logging in your application so that you can double check the value of virtualCachedPath when that exception is raised: 我建议您在应用程序中实现日志记录,以便在引发该异常时可以仔细检查virtualCachedPath的值:
try
{
isAllowed = UrlAuthorizationModule.CheckUrlAccessForPrincipal(virtualCachedPath, user, "GET");
}
catch (ArgumentException ex)
{
Trace.TraceInformation("VirtualCachedPath: {0}", virtualCachedPath);
throw;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.