I want to allow local network (intranet) users to access a specific page on my website without authentication.
I have found I could do this with location tag in config file ( here ), but this would also allow internet users to access the page without authentication.
Thank you
为用户创建自定义授权,并基于本地IP地址允许用户访问该页面,否则重定向到登录页面或401页面
As you speak about location, i guess that you are using Asp.NET webforms
What about using the global.asax event AuthenticateRequest, and returning an error 403 when the user IP address is not from your intranet ?
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
// if IP doesn't match, throw a 403 forbidden
}
You could also implement that in a HttpModule, but as AuthenticateRequest is a built-in app event, i'd just stick to it
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.