IIS 7.5和授权

时间:2011-09-07 05:17:04

标签: asp.net forms-authentication iis-7.5

我有一个曾经在iis6下工作的asp.net/silverlight网站。我们正在升级到iis7.5,但我无法让它正常工作。

基本上以前,网站设置了表格授权,整个网站设置为拒绝所有用户。然后我设置了登录页面,图像和default.aspx文件,以便无比访问。一切都好。

我还在其他文件夹上安装了角色安全设置。一旦用户登录,他们就会获得他们的角色,并且他们能够访问他们被授予访问权限的文件夹。

在7.5中几乎没有任何工作。我已经关注了网络上的所有信息,但无济于事。任何人都可以帮忙

以下是我的web.config文件的部分

    <authentication mode="Forms">
        <forms loginUrl="login.aspx" requireSSL="false" timeout="30" />
    </authentication>

    <authorization>
        <deny users="?" />
    </authorization>


<location path="images">
    <system.webServer>
        <security>
        <authorization>
                    <add accessType="Allow" users="*" />
        </authorization>
        </security>
    </system.webServer>
</location>

<location path="default.aspx">
    <system.webServer>
        <security>
        <authorization>
                    <add accessType="Allow" users="*" />
        </authorization>
        </security>
    </system.webServer>
</location>

<location path="www">
    <system.webServer>
        <security>
        <authorization>
                    <add accessType="Allow" users="*" />
        </authorization>
        </security>
    </system.webServer>
</location>

<location path="manuals/customer">
    <system.webServer>
        <security>
        <authorization>
            <add accessType="Allow" users="" roles="man_customer" />
            <add accessType="Deny" users="*" />
        </authorization>          
        </security>
    </system.webServer>
</location>

<location path="manuals/msa">
    <system.webServer>
        <security>
        <authorization>
            <add accessType="Allow" users="" roles="man_msa" />
            <add accessType="Deny" users="*" />
        </authorization>          
        </security>
    </system.webServer>
</location>


<location path="documents/msa">
    <system.webServer>
        <security>
        <authorization>
            <add accessType="Allow" users="" roles="doc_msa" />
            <add accessType="Deny" users="*" />
        </authorization>          
        </security>
    </system.webServer>
</location>

<location path="documents/admin">
    <system.webServer>
        <security>
        <authorization>
            <add accessType="Allow" users="" roles="doc_admin" />
            <add accessType="Deny" users="*" />
        </authorization>          
        </security>
    </system.webServer>
</location>

<location path="documents/customer">
    <system.webServer>
        <security>
        <authorization>
            <add accessType="Allow" users="" roles="doc_customer" />
            <add accessType="Deny" users="*" />
        </authorization>          
        </security>
    </system.webServer>
</location>

<system.webServer>
    <validation validateIntegratedModeConfiguration="false" />
    <modules>
          <remove name="FormsAuthentication" /> 
          <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" /> 
          <remove name="UrlAuthorization" /> 
          <add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" /> 
          <remove name="DefaultAuthentication" /> 
          <add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" /> 
          <remove name="RoleManager" /> 
          <add name="RoleManager" type="System.Web.Security.RoleManagerModule" /> 
          <add name="ScriptModule" preCondition="integratedMode" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />

    </modules>
    <handlers>
        <remove name="WebServiceHandlerFactory-Integrated" />
        <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
        <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
    </handlers>
    <security>
        <authorization>
            <remove users="*" roles="" verbs="" />
            <add accessType="Allow" users="?" />
        </authorization>
    </security>
    <defaultDocument>
        <files>
            <clear />
            <add value="default.aspx" />
        </files>
    </defaultDocument>
</system.webServer>

当网站启动时,它最初会重定向到login.aspx文件。无法访问images文件夹中的图像。

1 个答案:

答案 0 :(得分:0)

不确定如何在IIS 6上运行它,但我在IIS 7.5上运行了类似的东西,我的web.config看起来有点不同。试试这个:

<system.web>
  <authentication mode="Forms">
    <forms loginUrl="login.aspx" requireSSL="false" timeout="30" />
  </authentication>
  <authorization>
    <deny users="?"/>
  </authorization>
</system.web>

<location path="images">
  <system.web>
    <authorization>
      <allow users="*"/>
    </authorization>
  </system.web>
</location>
相关问题
最新问题