0

我需要通过 .Net 1.1 内置的应用程序阻止对服务器上的 PDF、PPT、DOC 内容的匿名访问;IIS 5.1。我尝试在 IIS 中取消选中匿名访问,但它不起作用。

4

1 回答 1

0

我知道这是一篇旧帖子,希望您离开 .Net 1.1 和/或找到合适的解决方案。但希望这会对您或其他人有所帮助。我的想法是将 PDF 移出您的网络文件夹,并将链接更改为下载处理程序。在处理程序中,您可以检查您的访问者是否已登录并允许或禁止访问 PDF。一个简化的例子是:

关联:http://mysite/download.ashx?path=secure_folder/my.pdf

处理程序可能包含:

Public Class Download : Implements IHttpHandler
    Implements SessionState.IRequiresSessionState

    Public Sub ProcessRequest(ByVal context As HttpContext) Implements    IHttpHandler.ProcessRequest
        If User.IsLoggedIn() Then 
            'implement your own user validation here

            Dim path as String = "E:\" & Request.QueryString(path).Replace("/", "\")

            Using fs As IO.FileStream = New IO.FileStream(path, IO.FileMode.Open, IO.FileAccess.Read, IO.FileShare.Read)

                Dim fileLen As Long = fs.Length()
                Dim fileData(fileLen) As Byte
                fs.Read(fileData, 0, Integer.Parse(fileLen.ToString()))
                context.Response.ContentType("application/pdf") 'set as appropriate based on file extension
                context.Response.BinaryWrite(fileData)
            End Using
        Else
            context.Response.Write("You don't have access to this resource.")
        End If
    End Sub

    Public ReadOnly Property IsReusable() As Boolean Implements IHttpHandler.IsReusable
        Get
                Return False
        End Get
    End Property

End Class
于 2014-06-20T18:28:32.353 回答