如何在 IIS6 和 asp.net 中配置上传文件夹?赢得服务器2003 SP2
我有一个内部 asp.net 应用程序,它使用 fileupload 控件将数据文件放入“drop”文件夹中。我想锁定此文件夹,以便只有属于本地组的用户才能实际验证和上传文件。 我在服务器上创建了一个组,将域用户添加到本地组中。然后我授予该组对“drop”目录的写入权限。
当我尝试将文件上传到目录时,我得到了预期的登录屏幕,但我的登录不起作用,经过几次尝试后,页面出现错误,并显示“访问路径 '\server\path\fubar\drop 文件夹名称” \filename.txt"被拒绝"
如何设置以便每个用户都必须登录但登录实际上有效? TIA J
I have an internal asp.net app that uses the fileupload control to put data files in a "drop" folder. I would like to lock down this folder so only users that are part of a local group can actually authenticate and upload the file.
I have created a group on the server, added the domain users to the local group. I have then given that group write access to the "drop" directory.
When I try to upload a file to the directory I get the expected login screeen but my login doesn't work and after several tries the page errors out with "Access to path '\server\path\fubar\drop folder name\filename.txt" is denied"
How do I set it up so that each user has to login but the login actually works?
TIA
J
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您遇到权限问题。
1) 您需要在 IIS Web 服务器上设置模拟 (http://msdn. microsoft.com/en-us/library/134ec8tc.aspx)。这将允许网络凭据从任何 Internet Explorer 浏览器传递到 Web 服务器。
2)然后您需要右键单击上传文件夹,然后转到“属性”--> '安全'--> '编辑'--> '添加'-->输入用户/组的名称 -->点击确定-->选择正确的权限(读取和修改)。
注意:如果您正在操作内部 Web 应用程序,则不需要用户登录。这就是模拟的全部意义。如果人们已经在网络上进行了身份验证,那么让他们登录就没有意义。
如果您必须让他们从顶部登录,那么您需要根据您的 AD 服务器验证它们,然后以编程方式更改页面操作的用户,如下所示:
You are experiencing a permission issue.
1) You need to set up impersonation on the IIS webserver (http://msdn.microsoft.com/en-us/library/134ec8tc.aspx). This will allow the network credentials to be passed through from any internet explorer browser to the web server.
2) You then need to right click on the upload folder and then go to 'properties' --> 'security' --> 'edit' --> 'add' --> type in the name of the users/groups --> click ok --> select correct privaliges (Read and Modify).
NOTE: if you are operating a an internal web application you dont need the user to log in. Thats the whole point of impersonation. No point in makign people log in if they have authenticated on the network already.
If you must make them log in over the top then you need to validate them against your AD server and then change the user that the page is operting under programatically like this: