1. 技术文章
  2. Web.config: Wildcards in location and authorization

Web.config: Wildcards in location and authorization

不羁岁月 提交于 2019-11-27 02:42:40

问题


In my ASP.Net application I'm using URL routing.
The url format is somewhat like: http://site/{culture}/project/{id}.

To allow users to visit the login and recovery page, I've added the following entries to my web.config:

<location path="en-GB/login">
  <system.web>
    <authorization>
      <allow users="*"/>
    </authorization>
  </system.web>
</location>

<location path="nl-NL/login">
  <system.web>
    <authorization>
      <allow users="*"/>
    </authorization>
  </system.web>
</location>

<location path="login">
  <system.web>
    <authorization>
      <allow users="*"/>
    </authorization>
  </system.web>
</location>

Is there a form of notation so that I can skip the en-GB part and replace it with a wildcard?
I want the login and recovery page etc. to be available regardless of the culture.


回答1:


I don't believe you can place relative paths in the root web.config, but that isn't a concern. You can use the support of nested Web.Config files to your advantage.

You can place a web.config file similar to this in any of your sub directories (adjusting to suit the needs of that specific directory) and you'll get the support you seek. It is also a lot easier to maintain as the settings are closer to the code files they control.

<?xml version="1.0"?>
<configuration>
    <system.web>
      <authorization>
        <deny users="*"/>
      </authorization>
    </system.web>
</configuration>

The overall configuration for authentication types, roles, etc. would be done in the web.config in your applications root directory. As a result, you can't set a separate login page per directory from this method, but you could have a login page that automatically handled a redirect when needed (by analyzing the ReturnURL QueryString value).




回答2:


Looking at this post, you might be able to change the extension of your login page and do something like the following:

<system.webServer>
  <security>
    <requestFiltering>
      <fileExtensions>
        <add fileExtension=".login" allowed="true" />
      </fileExtensions>
    </requestFiltering>
  </security>
</system.webServer>

I have not tried this, but it is perhaps something to attempt.



来源:https://stackoverflow.com/questions/4375208/web-config-wildcards-in-location-and-authorization

标签
ASP.NET
web-config
url-routing
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!