401 Unauthorized when custom IHttpHandler tries to read from virtual directory

ぐ巨炮叔叔 提交于 2020-01-04 11:04:03

问题


I have a custom IHttpHandler, specified in web.config as follows:

<httpHandlers>
  <add verb="*" path="*.html" validate="true" type="PipingRedirectHandler" />
  <add verb="*" path="*.htm" validate="true" type="PipingRedirectHandler" />
</httpHandlers>

In IIS 7 (on Win 2008 R22) I added handler mappings with Path: *.html/*.htm and executable: %windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll.

I also have a virtual directory mapped to a windows share on another machine, Alias: ClientFiles, Physical path: \\othermachine\ClientFiles. I have this virtual directory set to "Connect As" a domain user that has full control access (read, write, execute, etc.) to the share, but everything else about the website, the app pool identity, the connect to physical path of the rest of the site, etc. are all default (ApplicationPoolIdentity).

My IHttpHandler works fine with any local html files on the website, and all my css and images on the ClientFiles virtual directory work perfectly, too. The only problem is when I'm trying to read a html file from the virtual directory. I get HTTP 401 Unauthorized errors when trying to do so.

I figured it was that the local ASP.Net ISAPI was trying to load the file directly and not honouring the "Connect As" setting for the virtual directory, so I changed the app pool's identity to the same domain user that has access, and everything seems to work.

I'm just wondering:

  • Is this normal?
  • Why would it not use the user specified in the virtual directory settings?
  • Have I worked around the problem in an appropriate way?

I believe security is slightly diminished by setting the app pool to use a domain user, and would prefer not to.

来源:https://stackoverflow.com/questions/10354748/401-unauthorized-when-custom-ihttphandler-tries-to-read-from-virtual-directory

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!