![](/img/trans.png)
[英]Upload images/files to blob azure, via web api ASP.NET framework Web application c#
[英]Secure and Automated way of giving permissions for upload folder in ASP.NET C# web application?
我們的ASP.NET C#Web應用程序將jpg,png,docx,txt等各種文件上傳到名為ClientBin的文件夾中。 在Visual Studio 2010 .NET IDE隨帶的Visual Studio 2010 .NET測試服務器上,一切正常。
但是,如果將應用程序部署到IIS7服務器,則必須授予應用程序的Web用戶上載文件的權限。 我們基本上使用IIS7登錄到我們的服務器,然后手動修改名為ClientBin的文件夾的Security屬性,該文件夾最終應包含jpg,png,docx,txt等內容。
---允許網絡用戶成功上傳工作的手動方法---------------------------
右鍵單擊資源管理器中的projectfolder \\ ClientBin文件夾,選擇“屬性”,然后選擇“安全性”選項卡。 單擊“添加”以添加適當的用戶或組。 突出顯示ASP.NET帳戶,然后選中所需訪問權限的框。 ---使上傳成功工作的手動方法---------------------------
-程序化方法,在嘗試上傳時仍會給網絡用戶帶來異常錯誤------------------
String DirectoryPath = System.IO.Path.Combine(Server.MapPath("~/ClientBin/"));
DirectorySecurity specificDirectorySecurity = Directory.GetAccessControl(DirectoryPath);
specificDirectorySecurity.AddAccessRule(new FileSystemAccessRule("Users", FileSystemRights.Modify, AccessControlType.Allow));
specificDirectorySecurity.AddAccessRule(new FileSystemAccessRule("Administrators", FileSystemRights.Modify, AccessControlType.Allow));
specificDirectorySecurity.AddAccessRule(new FileSystemAccessRule("SYSTEM", FileSystemRights.Modify, AccessControlType.Allow));
Directory.SetAccessControl(DirectoryPath, specificDirectorySecurity);
-程序化方法,在嘗試上傳時仍會給網絡用戶帶來異常錯誤------------------
另一個在線帖子建議我通過在web.config中輸入以下內容來解決此問題:
----可以通過編程方法解決問題的XML配置--------
身份impersonate =“ true” userName =“ ComputerName \\ Administrator”密碼=“ don”
----可以通過編程方法解決問題的XML配置--------
但是,如果使身份假冒為真,我擔心安全性問題。
什么是最安全,最自動化(可能意味着編程解決方案)的方式?
謝謝,
新員工
通常,向應用程序授予目錄權限,並且該應用程序管理用戶對上載文件夾的訪問。
所有:
即使我無法弄清楚C#如何修改上傳文件夾的權限。
似乎Microsoft Windows PowerShell可以以編程方式修改上載文件夾的權限。
這是通過編程方式修改上傳文件夾權限的代碼片段:
$computerHostName = [System.Net.Dns]::GetHostName()
#These constants are used to set permissions
$inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
$propagation = [system.security.accesscontrol.PropagationFlags]::None
$colRights = [System.Security.AccessControl.FileSystemRights]"Modify"
$objType =[System.Security.AccessControl.AccessControlType]::Allow
#(MSDN Docs) The IIS_IUSRS Group has access to all the necessary file and system resources
# so that an account, when added to this group, can seamlessly act as an application pool identity.
# IIS_IUSRS group by default includes the web users that log on to the Perls Applications.
#If a web user needs to upload resources to the folder within the Perls Web Application that
# contains uploaded resource files then we need to ensure that the members of the
# IIS_IUSRS Group have permissions to add resource files to that particular Perls Web Application upload folder.
#This determines which user is the guest user for IIS. Windows Vista and 08 use the IIS_USRS group, Previous version use
#IUSR_[MachineName]
if ([environment]::osversion.Version.Major -eq 6) {
$webUser="IIS_IUSRS"
} else {
$webUser="IUSR_" + $computerHostName
}
$clientBinDirectoryPath = "D:\DeployedApplications\" + $umbrellaComponentName + "\" + $siteWebComponentName + "\" + "ClientBin"
$perlsPivotErrorDirectoryPath = "D:\DeployedApplications\" + $umbrellaComponentName + "\" + $siteWebComponentName + "\" + "PerlsPivotErrorDirectory"
$aclForClientBinDirectoryPath = Get-Acl $clientBinDirectoryPath
$accessRuleForClientBinDirectoryPath = New-Object System.Security.AccessControl.FileSystemAccessRule($webUser, $colRights, $inherit, $propagation, $objType)
$aclForClientBinDirectoryPath.AddAccessRule($accessRuleForClientBinDirectoryPath)
Set-Acl -aclobject $aclForClientBinDirectoryPath $clientBinDirectoryPath
$aclForPerlsPivotErrorDirectoryPath = Get-Acl $perlsPivotErrorDirectoryPath
$accessRuleForPerlsPivotErrorDirectoryPath = New-Object System.Security.AccessControl.FileSystemAccessRule($webUser, $colRights, $inherit, $propagation, $objType)
$aclForPerlsPivotErrorDirectoryPath.AddAccessRule($accessRuleForPerlsPivotErrorDirectoryPath)
Set-Acl -aclobject $aclForPerlsPivotErrorDirectoryPath $perlsPivotErrorDirectoryPath
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.