ASP.NET 4 中的授权
我有一个在 Windows 7 Ultimate 上运行 ASP.NET 4.0 的网站。
它使用 FormsAuthentication,带有一个漂亮的小登录页面,就登录和身份验证而言,所有这些都很好。
但无法正常工作的是子目录中的目录授权覆盖。
我希望经过身份验证的用户和未经身份验证的用户都能够访问 inc 和 images 目录,以便登录页面可以正确设置 CSS 样式并具有徽标等在顶部。
好吧,很简单,对吧?我尝试通过根 web.config 中的
<location path="images">
<system.web>
<authorization>
<allow users="*,?" />
</authorization>
</system.web>
</location>
以及目标目录中的单个 web.config 文件如下:
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<allow users="*,?" />
</authorization>
</system.web>
</configuration>
但对于某些原因是它不允许匿名用户进入这些目录。我已经通过尝试直接访问图像的 URL 之一来验证它与授权有关,但失败了。但登录后我可以很好地拉起它。
.NET 4.0 中有关授权的更改是否导致此功能无法正常工作?我在 2.0 和 3.5 网站上做了同样的事情,没有任何问题。
I have a site which is running in ASP.NET 4.0, on Windows 7 Ultimate.
It is using FormsAuthentication, with a nice little logon page, all of which is fine so far as logging in and authenticating.
What is NOT working okay though is directory authorization overriding in sub-directories.
I want both authenticated and non-authenticated users to have access to the inc and images directories, so that the login page can be properly CSS-styled and have the logo and such on the top.
Okay, easy enough, right? I tried allowing anonymous access to these folders both by a <location> tag in the root web.config as so:
<location path="images">
<system.web>
<authorization>
<allow users="*,?" />
</authorization>
</system.web>
</location>
as well as individual web.config file in the target directories as so:
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<allow users="*,?" />
</authorization>
</system.web>
</configuration>
but for some reason it is not allowing the anonymous user into those directories. I've verified it has to do with authorization by trying to go directly to one of the image's URLs and it fails. But after logging in I can pull it up just fine.
Was something changed in .NET 4.0 with regards to authorization that this would not be working? I've done the same exact thing in 2.0 and 3.5 sites with no problem.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
想通了这一点。我已将我的网站目录从默认目录移出。尽管 IIS 已向
IIS_IUSERS组授予该目录的权限,但出于某种原因,它并没有向IUSR用户授予该目录的权限。手动添加他,然后BOOM,成功了!Figured this out. I had moved my web site directory from the default. And although IIS had given the
IIS_IUSERSgroup permission to that directory it for some reason did not give theIUSRuser rights to the directory. Added him on manually, and BOOM, it worked!