问题
in IIS, Is there a way to define some kind of a filtering rule to deny access to files within a virtual directory unless the requests are "pre signed" by some sort of an encrypted query string? Also is there a way to make the request expire? I can't find a way to have control over this.
What I'm looking for is very similar to what Amazon S3 Amazon.S3.Model.GetPreSignedUrlRequest.Expires property delivers, but in IIS. Here is a link to the Amazon S3 sample code.
Scenario of the desired goal:
Requesting: http://MyServerName/MyFolderThatIsAddedAsAVirtualDirectoryToDefaultWebsiteInIIS/MyImage.jpg should always result in "Access Denied" by default. However, having a particular query string appended to the request URL should give access to the file. Also, I need the URL to expire after a certain period of time until a new valid query string is provided.
回答1:
You will need some sort of HTTP Module here to deal with this as there is custom logic to implement for QueryString matching and expiration.
public class HttpFilterModule : IHttpModule
{
public void Dispose()
{
}
public void Init(HttpApplication context)
{
context.BeginRequest += context_BeginRequest;
}
void context_BeginRequest(object sender, EventArgs e)
{
var qs = HttpContext.Current.Request.QueryString["SomeKeyToCheck"];
var url = HttpContext.Current.Request.Url;
if (MatchesUrl(url))
{
if (!IsAuthenticatedByQueryString(qs))
{
HttpContext.Current.Response.StatusCode = HttpStatusCode.Unauthorized;
HttpContext.Current.Response.End();
}
}
}
private bool IsAuthenticatedByQueryString(string qs)
{
// implement code here to check qs value
// probably against a DB or cache of tokens
return true;
}
private bool MatchesUrl(Uri url)
{
// implement code here to match the URL,
// probably against configuration
return true;
}
}
来源:https://stackoverflow.com/questions/28679068/iis-virtual-directory-get-pre-signed-url-with-expiration