AddressAccessDeniedException :无需 netsh 即可解决它?
我遇到了异常 AddressAccessDeniedException 因为我的 processus 无权注册 URL。我首先以管理员身份运行我的程序:好的,它成功了。
但我现在想要分发我的应用程序,并且我希望每个用户都能够运行它,而不必成为管理员。
有没有办法自动授予用户访问权限?
我看到了命令:
netsh http add urlacl url=http://+:8000/ user=DOMAIN\UserName
我应该使用它吗?如果是,怎么办?
我想做的是在没有管理员身份的情况下授予访问权限...这样说,看起来很愚蠢,但可能是...
I encountered the exception AddressAccessDeniedException because my processus does not have the right to register the URL. I first ran my program as an administrator : ok, it worked.
But I now want to distribute my application, and I would like every user to be able to run it without having to be administrator.
Is there a way to automatically grant the access to the user?
I saw the command :
netsh http add urlacl url=http://+:8000/ user=DOMAIN\UserName
Should I use that? If yes, how?
What I would like to do would be to grant the access withouth being an administrator... said like that, it seems stupid, but may be...
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
那是不可能的。 Windows 使用内核驱动程序来处理 HTTP 请求,并且在此驱动程序上打开侦听器由 ACL(访问控制列表)保护。如果您想打开侦听器以便您的应用程序可以侦听来自其他计算机的请求,您必须以管理员身份运行它以传递 ACL,或者您必须拥有权限(= 您必须位于 ACL 中)。您还可以关闭UAC(用户访问控制)来绕过这些检查。
netsh是一个允许您为 HTTP.sys(内核驱动程序)设置 ACL 的工具。您可以授予任何用户在选定端口上侦听的权限,但显然您必须是管理员才能授予这些权限,或者您必须有权委派已配置权限的权限,否则此安全性的全部意义将消失。将
netsh调用添加到您的安装包中,并要求以管理员身份完成安装(这对于许多应用程序来说很常见)。另请注意,netsh 仅适用于 Windows Vista、Windows 7、Windows Server 2008 和 Windows Server 2008 R2。对于 Windows 2003 和 Windows XP(至少需要 SP2),您需要另一个名为httpcfg的工具,该工具不是操作系统安装的一部分(必须单独安装)。That is not possible. Windows uses kernel driver to process HTTP requests and opening listeners on this driver is secured by ACLs (access control list). If you want to open listener so that your application can listen on requests from other machines you must either run it as administrator to pass ACL or you must have permissions (= you must be in ACL). You can also turn off UAC (user access control) to bypass these checks.
netshis a tool allowing you to set up ACL for HTTP.sys (kernel driver). You can give permissions to any user to listen on selected port but obviously you must be admin to give these permissions or you must have permissions to delegate rights for already configured permissions otherwise the whole point of this security will be gone.Add that
netshcall to your installation package and require the installation to be done as admin (that is quite common for many applications). Also be aware that netsh works only on Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2. For Windows 2003 and Windows XP (at least SP2 is required) you need another tool calledhttpcfgwhich is not part of OS installation (it must be installed separately).