stackoom
  简体   繁体   中英

Disable authentication on some pages, only for local network requests

 原文  2016-11-30 12:30:05       asp.net/ .net/ c#-4.0/ iis-express

Question

I want to allow local network (intranet) users to access a specific page on my website without authentication.

I have found I could do this with location tag in config file ( here ), but this would also allow internet users to access the page without authentication.

Thank you

2 answers

solution1
 0  2016-12-04 04:47:34

为用户创建自定义授权,并基于本地IP地址允许用户访问该页面,否则重定向到登录页面或401页面

solution2
 0 ACCPTED  2016-12-04 10:07:57

As you speak about location, i guess that you are using Asp.NET webforms

What about using the global.asax event AuthenticateRequest, and returning an error 403 when the user IP address is not from your intranet ? 

protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
        // if IP doesn't match, throw a 403 forbidden

}

You could also implement that in a HttpModule, but as AuthenticateRequest is a built-in app event, i'd just stick to it

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Disable form authentication for public pages implement form authentication on some pages not all pages The test form is only available for requests from the local machine - Only some methods Is there a way to bypass forms authentication for local requests? How to apply form authentication for some web pages Double requests for aspx pages, NTLM authentication request fails WebRTC with SignalR only working on local network How to disable CSS in asp.net for some pages IIS requiring Windows Authentication on some pages of a Web Forms site? How can I Protect some pages through authentication?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM