Securing the rss feed with username and password,for private viewing

问题

How can i secure the Rss feed for private viewing?

回答1:

You can secure the feed the same way you would any other file, via the web.config. Something along the lines of:

<configuration>
  <system.web>
    <authentication mode="Forms">
      <forms name=".AUTH" loginUrl="login.aspx" protection="All" timeout="60">
        <credentials passwordFormat="MD5">
          <user name="admin" password="" />
        </credentials>
      </forms>
    </authentication>
    <authorization>
      <allow users="?" />
      <allow users="*" />
    </authorization>
  </system.web>

  <location path="feed.xml">
    <system.web>
      <authorization>
        <allow users="admin" />
        <deny users="*" />
      </authorization> 
    </system.web>
  </location>
</configuration>

回答2:

If you have controller action and use builtin authorization then decorate action result with [Authorize] attribute:

[Authorize (Users="List of users", Roles="List of roles")]
RssActionResult RssFeed(params)
{
}

来源：https://stackoverflow.com/questions/2414373/securing-the-rss-feed-with-username-and-password-for-private-viewing

标签

ASP.NET

asp.net-mvc

security

rss

feed

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!