即使一个人知道文件的确切路径我想阻止下载,除非他们登录到网站。我正在使用Session来跟踪用户。我在App_Code中创建了一个类,但我不知道如何从MSDN网站修改这些内容以防止下载。请帮忙。谢谢。
C#最好是请。
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
/// <summary>
/// Summary description for secure
/// </summary>
public class secure :IHttpModule
{
public String ModuleName
{
get { return "HelloWorldModule"; }
}
// In the Init function, register for HttpApplication
// events by adding your handlers.
public void Init(HttpApplication application)
{
application.BeginRequest += (new EventHandler(this.Application_BeginRequest));
application.EndRequest += (new EventHandler(this.Application_EndRequest));
}
// Your BeginRequest event handler.
private void Application_BeginRequest(Object source, EventArgs e)
{
HttpApplication application = (HttpApplication)source;
HttpContext context = application.Context;
context.Response.Write("<h1><font color=red>HelloWorldModule: Beginning of Request</font></h1><hr>");
}
// Your EndRequest event handler.
private void Application_EndRequest(Object source, EventArgs e)
{
HttpApplication application = (HttpApplication)source;
HttpContext context = application.Context;
context.Response.Write("<hr><h1><font color=red>HelloWorldModule: End of Request</font></h1>");
}
public void Dispose()
{
}
}
答案 0 :(得分:0)
最简单的方法是使用membership provider并简单地将web.config配置为仅允许特定角色中的用户访问具有资源的路径:
<configuration>
<location path="[path to secure]">
<system.web>
<authorization>
<allow roles="Admin" />
<deny users="*" />
</authorization>
</system.web>
</location>
</configuration>