如何以编程方式将位置元素添加到 Web 配置中?
我有一个从数据库创建页面路由的应用程序。我的整个网站都通过表单身份验证进行保护,但我需要允许未经身份验证的用户访问这些路由。我不想在 web.config 中对路由进行硬编码
有人可以帮忙吗?
I have an application which creates page routes from a database. My whole site is secured with forms authentication but I need to allow unauthenticated uses to access these routes. I don't want to hard-code <location> tags for the routes in the web.config as this will negate me using a database to generate the routes.
Can anyone help?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
谢谢大家。我发现 这里的答案
基本上,它涉及为每个路由创建一个文件夹,并将一个 web.config 文件放入其中以允许访问。此方法需要与将 RouteExistingFiles 设置为 false 结合使用,以便路由不会与文件夹混淆。
Thanks everyone. I've found an answer here
Basically it involves creating a folder for each route and putting a web.config file in it allowing access. This approach needs to be coupled with setting RouteExistingFiles to false so that the routes don't get confused with the folders.
为什么不直接在 XML 中进行修改,而不是使用强类型配置类?
下面是一个简短的代码片段,用于演示我的一些代码中的概念,即在 machine.config 中调整 IIS 性能。不过,其他 XML 配置文件的原理是相同的。您只需创建适当的 XPath 语句即可完成您需要的操作。
保存时,XmlDocument 对象将保留所有其他未更改的文档节点。非常方便。它对于修改 machine.config 非常有用。我看到的唯一可能的问题是,当您将更改保存到 web.config 时,您的应用程序可能会重置。因此,请在安全的环境中使用 web.config 的备份进行测试,以防重置导致任何不良结果!
Rather than using strongly typed configuration classes, why not make the modifications directly in XML?
Here's an abbreviated snippet to demonstrate the concept from some code of mine that performance IIS tuning in the machine.config. The principal is the same for other XML config files though. You just need to create the appropriate XPath statements to do what you need.
When saved, the XmlDocument object will preserve all other untouched document nodes. Very handy. It works great for modifying the machine.config. The only possible issue I can see is that your application will probably reset when you save your changes to the web.config. So test it out in a safe environment with a backup of your web.config just in case the reset causes any undesired outcomes!
我为您找到了此 MSDN 链接。我没有找到是否可以通过这种方式修改正在运行的服务器实例的配置。
I found this MSDN link for you. I didn't find whether you can modify the config of running server instance this way though.
您是否考虑过以不同的方式实施网站安全?网站的一部分允许未经身份验证的访问,另一部分则不允许。我“假设”(不好)您正在使用 MVC,因为您正在描述路由 - 这对于 MVC 和传统的 Web 表单应用程序来说都很容易做到。
Have you considered implimenting your site security in a different way? Having a portion of the site that allows unauthenticated access and a portion that does not. I am "assuming" (bad) that you are using MVC since you are describing routes - this is very easy to do with both MVC and traditional web form applications.