如何使用 ASP.NET Core 中的绝对路径将浏览器重定向到共享文件或目录并通过 Active Directory 进行身份验证？

发布于 2025-01-17 19:45:26 字数 1411 浏览 0 评论 0 原文

背景：我在公司内工作的部门有一个公司 Intranet 网页，其中包含指向我们本地服务器上的文件和目录的快速链接，以及位于公司内不同位置的另一台服务器的共享驱动器内的文件和目录。用户使用其凭据将共享驱动器映射到他们的计算机上，然后他们可以使用主页快速导航到常用文件或目录。这在 IE 上工作了很多年，但由于安全违规，它在 Edge 或其他常见浏览器中不起作用：“不允许加载本地资源：”现在 IE 的支持即将结束，我们希望让链接在 Edge 中工作使用。

我们的 ASP.NET Core 应用程序在 IIS 和本地服务器上运行。或者，我可以使用操作方法而不是本地服务器上文件的绝对路径，因为应用程序托管在本地服务器上。我通过使用驱动器号和文件的完整路径来读入字节数组并作为文件返回来执行此操作。我不知道如何对共享服务器执行此操作，用户可以在共享服务器上下载文件并在浏览器中打开文件夹。

目前，我们有指向文件的静态链接，例如：File

或目录： Directory

我可以将绝对路径复制到任何浏览器中： file://///shared-server-name/Folder 它将显示该文件夹及其内容。我只是无法通过 IE 之外的 HTML 标记来完成此操作。

到目前为止我已经尝试过：

我尝试使用控制器中的操作方法重定向到绝对路径，而不是静态链接：

public ActionResult GetFile()
{
  redirect("shared-server-name/Folder") 
}

这会在浏览器中返回一个错误：“它看起来像 https://localhost 的网页： *****/home/getfile 可能有问题，或者它可能已永久移动到新网址。”

我尝试进行模拟，看看是否是因为应用程序使用的应用程序身份：

IPrincipal p = _httpContextAccessor.HttpContext.User;
if (p.Identity is WindowsIdentity wid)
{
    
    await WindowsIdentity.RunImpersonated(wid.AccessToken, () => {
        bool exists= Exists("shared-server-name/Folder");

        log.Debug(exists);
        return Task.CompletedTask;
    });
}

存在时返回 false。

我了解安全错误的原因，但由于这是一个 Intranet 站点，并且只能通过配置的用户访问共享驱动器，因此我们希望今后在 Edge 中保持相同的设置。

原文

Background: The division I work at within my company has a company intranet webpage with quick links to files and directories located on our local server, and within a shared drive from another server at a different location within the company. The users have the shared drive mapped on their machine using their credentials, and then they can use the home web page to quickly navigate to common files or directories. This worked fine for many years with IE, but it does not in Edge or other common browsers due to a security violation: "Not allowed to load local resource: " Now that IE's support is ending soon we want to get the links working in Edge to use.

Our ASP.NET Core application runs within IIS, and on our local server. Alternatively, I can use an action method instead of the absolute path to a file on the local server since the application is hosted on it. I do this by using the drive letter and full path to the file to read into a byte array and return as a File. I do not know how to do this for the shared server, where users can download files and open up a folder within the browser.

Currently we have static links to a file like: <a href="file://///server-name/Folder/file.docx">File</a>

or Directory: <a href="file://///shared-server-name/Folder">Directory</a>

I can copy the absolute path into any browser: file://///shared-server-name/Folder and it will show me the folder and its contents. I just can't do it through the HTML markup outside of IE.

What I've tried so far:

Instead of the static links, I tried redirecting to the absolute path using an action method in the controller:

public ActionResult GetFile()
{
  redirect("shared-server-name/Folder") 
}

This returns an error in the browser: "It looks like the webpage at https://localhost:*****/home/getfile might be having issues, or it may have moved permanently to a new web address."

I tried doing impersonation to see if it was because of the app identity the application was using:

IPrincipal p = _httpContextAccessor.HttpContext.User;
if (p.Identity is WindowsIdentity wid)
{
    
    await WindowsIdentity.RunImpersonated(wid.AccessToken, () => {
        bool exists= Exists("shared-server-name/Folder");

        log.Debug(exists);
        return Task.CompletedTask;
    });
}

returns false for exists.

I understand the reason for the security error, but because this is an intranet site, and the access to the shared drive is only through users who are provisioned to it, we'd like to keep the same setup within Edge going forward.

分享到QQ

分享到微博