发表新帖
发表新帖

Is it possible to allow anonymous user to browse only few files from a folder

前端 未结
关注
2 872
时光取名叫无心
时光取名叫无心 2021-01-24 00:54

I want to allow anonymous users to browse only few files like default.aspx, aboutus.aspx, contactus.aspx etc. Is there a way to write all these file names in one place or I will

相关标签:
2条回答
  • 既然无缘
    2021-01-24 01:11

    It is not possible to specify multiple paths in a single location element. I think you are asking to do is something like this:

    <location path="Default.aspx,aboutus.aspx,contactus,aspx">
    <system.web>
        <authorization>
            <allow users="*"  />
        </authorization>
    </system.web>
</location>

    Unfortunately, I do not believe that is possible.

    You have several options for how to do this.

    A) specify the location element multiple times, one for each file that you want to allow anonymous access:

    <location path="Default.aspx">
    <system.web>
        <authorization>
            <allow users="*"  />
        </authorization>
    </system.web>
</location>
<location path="aboutus.aspx">
    <system.web>
        <authorization>
            <allow users="*"  />
        </authorization>
    </system.web>
</location>
<location path="contactus,aspx">
    <system.web>
        <authorization>
            <allow users="*"  />
        </authorization>
    </system.web>
</location>

    B) Put all of the files that you want to allow anonymous access to in a separate directory, as Admirer mentioned above.

    C) You may wan to explore using File Authorization instead of URL authorization. With File Authorization, you can assign windows ACL permissions directly to files. It might be possible to assign files you want protected to one Windows account, and files that you want to allow anonymous access to another ACL account. You task would then be to use ASP.Net impersonation to map requests from anonymous access requests to execute in the security context of the windows account that has access only to the un-protected files, and map requests from authenticated requests to the windows account that has access to all files.

    I am not sure you want to go down this road, since it is probably much easier simply to replicate the "location" element multiple times, once for each resource you want to expose to anonymous access. But if you do want to look into this, there are some good resources here or here

    0 讨论(0)
  • 没有蜡笔的小新
    2021-01-24 01:22

    I think you can group based on folder name. Check this out http://weblogs.asp.net/gurusarkar/archive/2008/09/29/setting-authorization-rules-for-a-particular-page-or-folder-in-web-config.aspx

    0 讨论(0)
 看不清?
提交回复
热议问题