xml文件的表单身份验证
[英]Forms authentication for xml files
问题描述
I was wondering if you could protect xml files through forms authentication in ASP.NET 3.5. 
我想知道您是否可以通过ASP.NET 3.5中的表单身份验证来保护xml文件。 I have some licensekeys that are found online, but you shouldn't be able to download them unless you are logged on. 我有一些在线找到的许可证密钥,但是除非登录,否则您将无法下载它们。
For aspx pages this works automatically but not for xml files. 对于aspx页面,此功能会自动运行,但不适用于xml文件。
1 个解决方案
解决方案1
1 已采纳 2009-07-13 13:02:27
Place the xml files in a certain folder, add web.config to this folder containing: 将xml文件放在某个文件夹中,将web.config添加到包含以下内容的文件夹中:
<configuration>
<system.web>
<authorization>
<deny users="?"/>
<allow roles="admin"/>
</authorization>
</system.web>
</configuration>
Change the '?' 更改“?” (which means anonymous users - ie not logged in users) to '*' in order to deny all users (the server will have access [eg via Server.MapPath etc.]). (这意味着匿名用户-即未登录的用户)为“ *”,以拒绝所有用户(服务器将具有访问权限(例如,通过Server.MapPath等))。
Respectively you can play with the roles or remove this line. 您可以分别扮演角色或删除此行。
Also, consider that in the web.config file you can deny and allow specific extensions as follows: 另外,请考虑在web.config文件中,您可以拒绝并允许特定的扩展名,如下所示:
<system.web>
<httpHandlers>
<remove verb="*" path="*.xml" />
<!--or-->
<add verb="*" path="*.xml" type="System.Web.HttpForbiddenHandler" />
</httpHandlers>
</system.web>
Please don't rely on this last snippet till you make sure what are your needs. 在确定需要什么之前,请不要依赖最后一个片段。 You can find out more on Http Handlers , or take a look at How to: Register HTTP Handlers . 您可以在Http Handlers上找到更多信息,或者看一下如何:注册HTTP Handlers 。
I also noticed someone asked a similar question here , you may find it helpful. 我还注意到有人在这里问类似的问题,您可能会发现它很有帮助。
Hope you to find your quickly find your solution, good luck! 希望您能尽快找到解决方案,祝您好运!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.