stackoom
  简体   繁体   中英

How do you do security permissions when adding a common content virtual directory to a web application?

 原文  2011-05-05 14:03:06       c#/ .net/ asp.net/ iis/ iis-7

Question

Some Background

We have a team of four developers and we have two web application projects in our visual studio solution. We decided to centralize resources between these two applications like images and video, etc. How we did this was we created a directory on another server ("\\devfileshare\WebFileShare\Content"). We then add this directory as a virtual directory at the root of both web applications in IIS. Essentially this makes "~/Content" point to "\\devfileshare\WebFileShare\Content".

The Problem

The problem we had was with the security permissions. What we had to do was create a user on devfileshare called "fileshare" and give that user read and write permissions to the content directory. Then on every developer's computer we had to add that same user ("fileshare") with the same password. After that we had to set each application pool to run under that user instead of the default. Then finally we had to add the virtual directory, setting the "Connect As" user to "fileshare".

This actually works and our projects can write to and read from the virtual directory. My question is, is there an easier way to accomplish this? Currently we have to add a new user to every new developer computer we set up, then modify IIS application pools and virtual directories to use this new user. It's a bit of a pain and it seems like there would be an easier way to set up virtual directories to point to another server on the network.

Thanks in advance. Let me know if you have any questions or if I did not make something very clear.

1 answers

solution1
 1 ACCPTED  2011-05-05 14:20:43

Two part approach here: Domain Users the developers (1) and IIS server access(2)

1) Using active directory coordinate with your network administrator to create security groups, like "XProjectDevelopers" and add all developers to this group and give read-write permissions for the directory to this group instead of to individuals. You get a new developer, the network admins just adds them to the group and your done.

2) IIS operates under a domain account, grant that domain account (on the server, it is in service settings, here again, your network admins should be able to help) read-only privileges to the target directory.

This should get you pointed in the right direction. Remember it is often helpful to bribe your network administrators with cookies or brownies.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How do I mark an application as a web application? (As opposed to a virtual directory.) How do you modify a Web Setup Project to create a new website, app pool and virtual directory? How do you check for permissions to write to a directory or file? How do you change file permissions to stop Vista from writing to a file in the VirtualStore directory? How do I get the Web Directory during Application_Start? How do you view eDrawing files on a web application? How do you centralize the Entity Framework data context in a web application? How do you pull values from a linked App.config in Web application when Web.config exists? How do I change the default Virtual Directory name during a web service install? How to get the subdirectory in virtual directory of a sharepoint web application?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM