ASP.NET attachment download restrictions

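  • Question

  • How can I restrict downloading or viewing of certain attachments in ASP.NET?

    For example:

    Folder A contains copies of ID cards, which only Human Resources staff may view

    Folder B contains product quotations, which only Sales staff may view


    Do meaningful things ^_^
    June 17, 2010 1:26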

Answer

  • Hello,

    Assign user roles based on the information the user enters at login, then add a web.config in each folder to perform the authorization check.

    e.g.

    // Login page code-behind (needs using System; using System.Web; using System.Web.Security;)
    string userRoles = "Admin";  // role string hard-coded for ease of testing

    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, "karl", DateTime.Now, DateTime.Now.AddMinutes(30), true, userRoles, "/");

    string HaskTicket = FormsAuthentication.Encrypt(ticket);

    HttpCookie UserCookies = new HttpCookie(FormsAuthentication.FormsCookieName, HaskTicket);
    UserCookies.HttpOnly = true; // keep the authentication cookie out of reach of client-side script

    //FormsAuthentication.SetAuthCookie("karl", true);
    Response.Cookies.Add(UserCookies);
    //Response.RedirectLocation = "~/FileUploadDemo/attachment.aspx";
    Response.Redirect("~/FileUploadDemo/attachment.aspx");
        

    global

    protected void Application_AuthenticateRequest(object sender, EventArgs args)
    {
        HttpContext ctx = (sender as HttpApplication).Context;

        // Only process roles for authenticated users that carry a forms ticket
        if (ctx.Request.IsAuthenticated && ctx.User.Identity is FormsIdentity)
        {
            FormsIdentity Id = (FormsIdentity)ctx.User.Identity;

            FormsAuthenticationTicket Ticket = Id.Ticket; // get the authentication ticket

            string[] Roles = Ticket.UserData.Split(','); // turn the role data in the ticket into a string array

            // Build a new GenericPrincipal from the original Identity plus the roles,
            // so that the current user carries role information
            ctx.User = new System.Security.Principal.GenericPrincipal(Id, Roles);
        }
    }

    web.config

    <?xml version="1.0"?>
    <!-- 
      Note: As an alternative to hand editing this file you can use the 
      web admin tool to configure settings for your application. Use
      the Website->Asp.Net Configuration option in Visual Studio.
      A full list of settings and comments can be found in 
      machine.config.comments usually located in 
      \Windows\Microsoft.Net\Framework\v2.x\Config 
    -->
    <configuration>
     <appSettings/>
     <connectionStrings/>
     <location>
      <system.web>
       <authorization>
        <allow roles="Admin"/>
        <!-- Deny everyone else: "*" is a wildcard for users only, not for roles -->
        <deny users="*"/>
       </authorization>
      </system.web>
     </location>
    </configuration>
    

    Microsoft Online Community Support
    June 21, 2010 2:14
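
An added example, not code from any poster in this thread: a download handler that enforces the question's folder-to-role rule in code, using the roles that Application_AuthenticateRequest attaches to the user. The class name AttachmentHandler, the query-string parameters folder and file, the role names HR and Sales, and the ~/App_Data/attachments storage path are all assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Web;

// Hypothetical handler; map it to a URL such as Download.ashx.
public class AttachmentHandler : IHttpHandler
{
    // Assumed mapping of folder name to the one role allowed to read it.
    static readonly Dictionary<string, string> FolderRoles =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { "A", "HR" },     // ID card copies
            { "B", "Sales" }   // product quotations
        };

    public bool IsReusable { get { return true; } }

    public void ProcessRequest(HttpContext context)
    {
        string folder = context.Request.QueryString["folder"] ?? "";
        string name = context.Request.QueryString["file"] ?? "";
        string role;
        // Unknown folder, or a name with separators, ':' or control characters: refuse.
        if (!FolderRoles.TryGetValue(folder, out role) || name.Length == 0
            || name.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
        {
            context.Response.StatusCode = 404;
            return;
        }
        // IsInRole consults the GenericPrincipal built in Application_AuthenticateRequest.
        if (context.User == null || !context.User.Identity.IsAuthenticated || !context.User.IsInRole(role))
        {
            context.Response.StatusCode = 403;
            return;
        }
        // Assumed storage root; ASP.NET never serves App_Data directly.
        string path = Path.Combine(Path.Combine(context.Server.MapPath("~/App_Data/attachments"), folder), name);
        if (!File.Exists(path))
        {
            context.Response.StatusCode = 404;
            return;
        }
        context.Response.ContentType = "application/octet-stream";
        context.Response.AddHeader("Content-Disposition", "attachment; filename=\"" + name + "\"");
        context.Response.TransmitFile(path);
    }
}
```

Streaming files through a handler also covers file types that the web server would otherwise return without running ASP.NET authorization, such as static PDFs or images on a server where those extensions are not mapped to ASP.NET.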

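All replies

  • Why not store them separately by department? That would also be easier to manage!

    June 17, 2010 6:25
  • I happened to finish exactly this kind of project recently, and our manager's requirement was the same.

    My approach was this: based on the logged-in user name and role, decide which folders can be accessed; then you can put the ID card copies in folder A and the product quotations in folder B. I keep this mapping in the database.

    June 17, 2010 8:17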