Protect non-page files; asp.net;IIS

最新推荐文章于 2020-03-02 00:47:18 发布
最新推荐文章于 2020-03-02 00:47:18 发布
阅读量724 收藏
点赞数
分类专栏: IIS6 ASP.NET 文章标签: iis asp.net application authentication wildcard properties
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/xhinker/article/details/3733074
版权

Question:

Hello my friends ,


not a hard question


I have asite with forms authentication defined ,
I have role security enabled ,
we have the Support part of the site with role based security
that we only allow are customers to visit this part ,
There are files for each customer seperated in an individual folder for t hat customer
now , when customer logged in , if they know the name of a file they can get also files for other customers ,
that we dont want to allow that ,
for example for doing so , I also tried making web.config files inside each customer's page , and only allow that user , with other users denied , but this wont work for those files (in zip/rar format) ,
Is there anyway to protect these files ?


I tried in win Xp , maybe in server we have better options ,

any help would be appreciated , thx

 

Answer:

Those steps tested work in IIS6:

1.Open IIS manager console.(IIS6 in my Windows Server 2003)

2.Right-click web site or virtual directory and select Properties

3.Choose Directory or Home Directory tab

4. you will find Configuration button under Application Settings, click it.

5.Insert Wildcard application maps: click Insert... and input

    C:/WINDOWS/Microsoft.NET/Framework/v2.0.50727/aspnet_isapi.dll (it is this aspnet_isapi in my computer, it may a little bit different in yours)

6. Ok, restart your IIS, and take a try.

Hope this helps

Thanks

 

 

http://forums.asp.net/p/1359392/2812046.aspx#2812046

【Chapter 3: Creating Minimal API Applications】
代数的博客
07-15 241
【代码】【Chapter 3: Creating Minimal API Applications】
自动化配置管理工具 SaltStack-03
IT爱好者
05-10 1843
自动化配置管理工具 SaltStack
Host ASP.NET Core on Windows with IIS
hello
07-26 944
Supported operating systems The following operating systems are supported: Windows 7 or later Windows Server 2008 R2 or later HTTP.sys server (formerly called WebListener) doesn't work in a reverse...
ASP.NET Integration with IIS 7
cxzhq2002的杂记
03-13 1507
Introduction Since its release, ASP.NET has been the platform of choice for developing Web applications on the Windows / IIS platform. ASP.NET 2.0 took Web application development to a new level, al
ASP.net security
weixin_30275415的博客
07-07 664
ASP.NET Security J.D. Meier, Alex Mackman, Michael Dunner, and Srinath VasireddyMicrosoft Corporation Published: November 2002 Last Revised: January 2006 Applies to: ASP.NET 1.1 See ...
Understanding ASP.NET View State
lillllllll的专栏
11-26 898
 ASP.NET Technical ArticlesUnderstanding ASP.NET View State Scott Mitchell4GuysFromRolla.comMay 2004Applies to:   Microsoft® ASP.NET   Microsoft® Visual Studio® .NETSummary: Scott Mitc
Tracking Visitors with ASP.NET
weixin_30707875的博客
07-17 1173
转自:http://www.15seconds.com/issue/021119.htm Introduction ...
ASP.NET Technical Articles
android测试、后台测试
09-13 337
  Scott Mitchell 4GuysFromRolla.com May 2004 Applies to:    Microsoft® ASP.NET    Microsoft® Visual Studio® .NET Summary: Scott Mitchell looks at the benefits of and confusion around View State in Mi...
Why won't my ASP pages work in IIS 6.0?
camel0564的专栏
03-11 1585
Why wont my ASP pages work in IIS 6.0?After deploying a web site to Windows Server 2003, you might find that your ASP pages arent working. Lets examine a few possible scenarios.  Server Could No
Improving ASP.NET Performance
07-13 3534
Related LinksHome Page for Improving .NET Application Performance and ScalabilityChapter 5, Improving Managed Code PerformanceSend feedback to Scale@microsoft.compatterns & practices Library
Chapter 6 — Improving ASP.NET Performance
weixin_34050519的博客
11-22 274
https://msdn.microsoft.com/en-us/library/ff647787.aspx     Retired Content This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who ...
Learning Web Design by Jennifer Niederst Robbins
CodingIsFun
03-02 3096
Learning Web Design A BEGINNER’S GUIDE TO HTML, CSS,JAVASCRIPT, AND WEB GRAPHICS Jennifer Niederst Robbins My GitHub Files: https://github.com/Li-YangZhong/Learning_Web_Design_Book_by_Jennife...
[转]高负载并发网站架构分析
热门推荐
bluehire的专栏
12-23 2万+
由于自己正在做一个高性能大用户量的论坛程序,对高性能高并发服务器架构比较感兴趣,于是在网上收集了不少这方面的资料和大家分享。希望能和大家交流 msn: defender_ios@hotmail.com ——————————————————————————————————————— ? 初创网站与开源软件 6 ? 谈谈大型高负载网站服务器的优化心得! 8 ? Lighttpd+Squid+Apach
ASP.NET 页面中获取访问者的IP地址
xhinker's blog
12-24 2574
ip= http://forums.asp.net/t/1362815.aspx
Change expired password in AD with C# (使用c# 更改AD 中过期密码)
xhinker's blog
01-12 2007
Question: Hello,Im looking for a solution to completely replace iisadmpwd with a pure ASP.NET 2.0 solution.We are using windows authentication with a web application.If the users password is
如何在Firefox中实现ASP.NET 不弹出窗口的Windows Integrated Authentication
xhinker's blog
02-02 1050
Follow these steps - 1. Open Firefox 2. Navigate to the url about:config 3. Locate the following preference names and put as the value the comma separated values of the address roots. network.
如何不使用 Visual Studio 开发ASP.NET
xhinker's blog
04-05 1009
引言你可能已经用惯了使用VS 新建一个WebSite, VS 几乎为我们包揽了一切琐碎的东西,同时也掩盖了很多重要的东西。本文将通过一个很简单的例子来告诉你如何使用记事本去开发一个ASP.NET 页面。不使用VS来学习 ASP.NET 有两个好处:1. 所有的代码都在你的控制之中,让你更清楚的明白你在做些什么。2. 使用记事本开发能让你更明白ASP.NET 是如何工作的。  A
Storing Additional User Information in membership db - ASP.NET
xhinker's blog
01-15 1009
Question: Hi,In my project I already used the aspnet_regsql and the aspnetDB database was included into my oun data base.when one adds an acount the information falls into the aspnet_Membershi
保护视力的Protect Eyes-crx插件应用
资源摘要信息:"Protect Eyes-crx插件" 知识点概述: Protect Eyes-crx插件是一款浏览器扩展程序,主要用于保护用户的视力健康。它通过调整网页背景颜色,减少屏幕对眼睛的伤害,从而减轻用户的视觉疲劳。该插件支持...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值