IIS 7.5 和授权
我有一个asp.net/silverlight网站,曾经在iis6下工作。我们正在升级到iis7.5,但我无法让它正常工作。
基本上之前,该网站是使用表单授权设置的,并且整个网站设置为拒绝所有用户。然后,我设置登录页面、图像和 default.aspx 文件以供匿名访问。一切都好。
我还在其他文件夹上设置了角色安全性。用户登录后,他们将获得自己的角色,并且能够访问他们有权访问的文件夹。
在 7.5 中几乎什么都不起作用。我已关注网络上的所有信息,但无济于事。任何人都可以帮忙
以下是我的 web.config 文件的部分
<authentication mode="Forms">
<forms loginUrl="login.aspx" requireSSL="false" timeout="30" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
<location path="images">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="default.aspx">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="www">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="manuals/customer">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="" roles="man_customer" />
<add accessType="Deny" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="manuals/msa">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="" roles="man_msa" />
<add accessType="Deny" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="documents/msa">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="" roles="doc_msa" />
<add accessType="Deny" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="documents/admin">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="" roles="doc_admin" />
<add accessType="Deny" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="documents/customer">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="" roles="doc_customer" />
<add accessType="Deny" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<modules>
<remove name="FormsAuthentication" />
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
<remove name="UrlAuthorization" />
<add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
<remove name="DefaultAuthentication" />
<add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" />
<remove name="RoleManager" />
<add name="RoleManager" type="System.Web.Security.RoleManagerModule" />
<add name="ScriptModule" preCondition="integratedMode" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</modules>
<handlers>
<remove name="WebServiceHandlerFactory-Integrated" />
<add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</handlers>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="?" />
</authorization>
</security>
<defaultDocument>
<files>
<clear />
<add value="default.aspx" />
</files>
</defaultDocument>
</system.webServer>
当网站启动时,它最初重定向到 login.aspx 文件。无法访问图像文件夹中的图像。
I have a asp.net/silverlight website that used to work under iis6. We are upgrading to iis7.5 but I cannot get it to work properly.
Basically prior, the website was setup with Forms authorisation and the entire website was set to deny all users. I then setup the login page, images and default.aspx files to be accessed anoymously. All good.
I also had roles security setup on other folders. Once the users logged in, they would get their roles and they were able to access the folders which they were given access to.
In 7.5 virtually nothing is working. I have followed all the info on the web but to no avail. Can anyone help
Here are the sections of my web.config file
<authentication mode="Forms">
<forms loginUrl="login.aspx" requireSSL="false" timeout="30" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
<location path="images">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="default.aspx">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="www">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="manuals/customer">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="" roles="man_customer" />
<add accessType="Deny" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="manuals/msa">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="" roles="man_msa" />
<add accessType="Deny" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="documents/msa">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="" roles="doc_msa" />
<add accessType="Deny" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="documents/admin">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="" roles="doc_admin" />
<add accessType="Deny" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<location path="documents/customer">
<system.webServer>
<security>
<authorization>
<add accessType="Allow" users="" roles="doc_customer" />
<add accessType="Deny" users="*" />
</authorization>
</security>
</system.webServer>
</location>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<modules>
<remove name="FormsAuthentication" />
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
<remove name="UrlAuthorization" />
<add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
<remove name="DefaultAuthentication" />
<add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" />
<remove name="RoleManager" />
<add name="RoleManager" type="System.Web.Security.RoleManagerModule" />
<add name="ScriptModule" preCondition="integratedMode" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</modules>
<handlers>
<remove name="WebServiceHandlerFactory-Integrated" />
<add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</handlers>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="?" />
</authorization>
</security>
<defaultDocument>
<files>
<clear />
<add value="default.aspx" />
</files>
</defaultDocument>
</system.webServer>
When the website starts up it initially redirects to the login.aspx file. The image from the images folder is not accessible.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
不确定你如何让它在 IIS 6 上工作,但我在 IIS 7.5 上运行了类似的东西,并且我的
web.config看起来有点不同。试试这个:Not sure on how you had it working on IIS 6, but I've got something similar running on IIS 7.5 and my
web.configlooks a little different. Try this: