仅允许特定 Web 用户对文件夹进行写访问
我有一个用 C# 编写的网站,它使用表单身份验证来允许用户访问该网站上的其他内容。其中一些用户拥有我创建的名为 Admin 的 aspnet 角色。这些用户只能向网站添加内容,包括上传图像。
授予这些特定用户对图像文件夹的写入权限而仅授予其他用户读取权限的正确方法是什么?
我考虑在 IIS7 服务器上使用传递身份验证,但无法将所有用户添加到文件夹权限,因为一直在添加新用户。我还考虑过使用虚拟目录,但我不确定如何实现这一点。
I have a website that is written in C# that uses Forms Authentication to allow users to access additional content on the site. Some of those users have an aspnet role I created called Admin. These users only can add content to the site including uploading images.
What is the proper way to give these specific users write access to the images folder and only give other users read access?
I looked at using pass-through authentication on my IIS7 server but I can't add all of the users to folder permissions because new users are being added all the time. I also thought about using a virtual directory but I wasn't sure how to make that work.
我不知道这是否是最佳实践,但您可以在 web.config 文件中为特定目录设置模拟:
有关模拟的更多信息:http://msdn.microsoft.com/en-us/library/aa292118(v=vs.71).aspx
I don't know if this is best practice, but you can setup impersonation in your web.config file for a specific directory:
Some more information on impersonation: http://msdn.microsoft.com/en-us/library/aa292118(v=vs.71).aspx