English 中文(简体)
IIS 6 忽视了网络。
原标题:IIS 6 ignores Web.config authorization settings

背景:

  • IIS 6 on Windows 2003 Server
  • ASP.NET 3.5 sp1
  • C# Web Application running from a virtual directory

我不想使用几个档案。 例如,在根本目录中,有一张<代码>hibernate.cfg.xml,但不能查阅。 记录目录中也有记录文档。 关于当地发展服务器(2008年虚拟演播室) 可以通过网络保护NHibernate config文档。

<location path="hibernate.cfg.xml">
    <system.web>
      <authorization>
        <deny users="?"/>
        <deny users="*"/>
      </authorization>
    </system.web>
</location>

页: 1

<httpHandlers>
...
    <add path="*.cfg.xml" verb="*" type="System.Web.HttpForbiddenHandler" />
</httpHandlers>

不同目录中的标识可通过另一个网站加以保护。

<?xml version="1.0"?>
<configuration>
  <system.web>
    <authorization>
      <deny users="*"/>
    </authorization>
  </system.web>
</configuration>

这些应用在编集时,没有使用作为净值的电子数据,也没有安装到国际数据系统6服务器。 记录中没有错误。 这些档案可读给任何人。 该申请采用MSBuild汇编和安装如下:

<AspNetCompiler Force="true" Debug="true" PhysicalPath="$(DeploymentTempPath)$(DeploymentAppName)" TargetPath="$(DeploymentPath)$(DeploymentAppName)" VirtualPath="/$(DeploymentAppName)" />

我如何使国际会计准则第6号在网上遵守授权规则。

注:假设我无法将这些档案移至部署目录之外。

最佳回答
问题回答

为此:

<location path="hibernate.cfg.xml">
    <system.web>
      <authorization>
        <deny users="?"/>
        <deny users="*"/>
      </authorization>
    </system.web>
</location>

诸如.jpg.xml.pdf等法定文件均按违约情况由格鲁斯·直接处理。 除非你将延期计划绘制到协会。 他们从来不会打过伙伴关系。 NET输电管系统,因此是伙伴关系内的授权机制。 NET。

强迫固定档案,如xml,由NET在2.0/3.5/4.0和IIS6上处理:

(1) 如上文所述,将xml(或其他档案类型)的条目添加到IIS(IIS6网站性质、家庭名录、配置)。

2)上网。 conf 添加限制名录或档案的位置

<location path="directory_or_file_name">
    <system.web>
      <authorization>
        <deny users="?"/>
      </authorization>
    </system.web>
</location>

3) 在http://Handlers部分添加以下内容:

<add path="*.xml" verb="*" type="System.Web.StaticFileHandler" validate="true" />

否则就将生效。 NET仅用于<position> tag至认证用户。

URL Authorization: The URLAuthorizationModule class is responsible for URL authorization on Windows 2003. This mechanism uses the URL namespace to store user details and access roles. The URL authorization is available for use at any time. You store authorization information in a special XML file in a directory. The file contains tags to allow or deny access to the directory for specific users or groups. Unless specified, the tags also apply to subdirectories.

你们需要做以下工作:

<deny users="?"/>
<deny users="*"/>

野生卡进入“?”是指没有人能够查阅该名录。





相关问题
Anyone feel like passing it forward?

I m the only developer in my company, and am getting along well as an autodidact, but I know I m missing out on the education one gets from working with and having code reviewed by more senior devs. ...

How to Add script codes before the </body> tag ASP.NET

Heres the problem, In Masterpage, the google analytics code were pasted before the end of body tag. In ASPX page, I need to generate a script (google addItem tracker) using codebehind ClientScript ...

Transaction handling with TransactionScope

I am implementing Transaction using TransactionScope with the help this MSDN article http://msdn.microsoft.com/en-us/library/system.transactions.transactionscope.aspx I just want to confirm that is ...

System.Web.Mvc.Controller Initialize

i have the following base controller... public class BaseController : Controller { protected override void Initialize(System.Web.Routing.RequestContext requestContext) { if (...

Microsoft.Contracts namespace

For what it is necessary Microsoft.Contracts namespace in asp.net? I mean, in what cases I could write using Microsoft.Contracts;?

Separator line in ASP.NET

I d like to add a simple separator line in an aspx web form. Does anyone know how? It sounds easy enough, but still I can t manage to find how to do it.. 10x!