问题
At the moment in my ASP.NET webApp I have some resources such as some .pdf files or pictures in specific folder in the host . If any user know the URL of those files can access them from the browser , How can i manage access or ban anonymous user from those files ?
回答1:
You can use the location directive in web.config.
<location path="resources">
<system.web>
<authorization>
<allow roles="Customers"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
This way you can put your resources (pdf, images) in the directory "resources". Only Customers will be able to show them. Note that they can still download the files and upload it to other server, but I guess you already know that.
回答2:
See http://msdn.microsoft.com/en-us/library/aa291347(VS.71).aspx
来源:https://stackoverflow.com/questions/2340422/how-to-prevent-accessing-unauthorized-user-to-resource-such-as-pdf-file-in-host