我很擅长在网站上设置安全性。我正在使用Windows身份验证,并希望限制对我的网站的访问,以便只有Windows安全组中的用户可以打开该网站,并且其他所有人都将获得访问被拒绝错误。在我的AD中,我属于安全组MIS \ ICT_Dept,其中MIS是组织单位,安全组名称是ICT_Dept。
如果我只允许MIS \ ICT_Dept,任何人都可以进入。如果我允许MIS \ ICT_Dept并拒绝所有用户,即使我是MIS \ ICT_Dept的成员,我也无法进入。这是我的web.config与拒绝用户(我开始设置ASP安全性,然后切换到Windows - 如果你看到不再需要的代码,请告诉我):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<connectionStrings>
<add name="ApplicationServices" connectionString="data source=WillSQL\ict2;Initial Catalog=timesql_testing;Integrated Security=SSPI"
providerName="System.Data.SqlClient" />
<add name="TimeSQLConnectionString1" connectionString="Data Source=WillSQL\ict2;Initial Catalog=TimeSQL_testing;Integrated Security=SSPI"
providerName="System.Data.SqlClient" />
<add name="TimeSQLConnectionString" connectionString="Data Source=WILLSQL\ict2;Initial Catalog=TimeSQL_testing;Integrated Security=SSPI"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<customErrors mode="Off"/>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</assemblies>
</compilation>
<profile>
<providers>
<clear />
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" />
</providers>
</profile>
<globalization culture="en-us" />
<authorization>
<allow roles="mis\ICT_Dept" />
<deny users="*"/>
</authorization>
<pages>
<controls>
<add tagPrefix="ajaxToolkit" assembly="AjaxControlToolkit" namespace="AjaxControlToolkit" />
</controls>
</pages>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Microsoft.WindowsAzure.Storage" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-2.1.0.4" newVersion="2.1.0.4" />
</dependentAssembly>
</assemblyBinding>
</runtime>
</configuration>
谢谢!这是修改过的代码:
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<connectionStrings>
<add name="ApplicationServices" connectionString="data source=WillSQL\ict2;Initial Catalog=timesql_testing;Integrated Security=SSPI"
providerName="System.Data.SqlClient" />
<add name="TimeSQLConnectionString1" connectionString="Data Source=WillSQL\ict2;Initial Catalog=TimeSQL_testing;Integrated Security=SSPI"
providerName="System.Data.SqlClient" />
<add name="TimeSQLConnectionString" connectionString="Data Source=WillSQL\ict2;Initial Catalog=TimeSQL_testing;Integrated Security=SSPI"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<globalization culture="en-us" />
<authentication mode="Windows" />
<authorization>
<allow roles="ICT_Dept"/>
<deny users ="?"/>
</authorization>
<pages>
<controls>
<add tagPrefix="ajaxToolkit" assembly="AjaxControlToolkit" namespace="AjaxControlToolkit" />
</controls>
</pages>
</system.web>
</configuration>