This is my first ASP.NET MVC application, and my first on an IIS 7.x installation whereby I have to do anything over and above the standard.
I need to enforce Windows authentication on the /Index and /feeds/xxx.svc pages/services. In ASP.NET Web Forms, I would apply the Windows permissions on the files and remove Anonymous authentication in IIS 6. This needs to work over HTTP/S, but don't worry about that, that's in hand.
What happens in MVC/IIS 7?
I have tried modifying the permissions on the /Index.aspx view, w开发者_运维百科hich seems to block access. It asks me for a username/password, but does not grant access when I enter a valid username/password. Pressing Escape gives me an exception "**Access to the path 'E:\dev\xxx\xxx.ConsultantRegistration.Web.Admin\Views\ConsultantRegistration\index.aspx' is denied. **", which does get sent as a 401.
So although the username/password does exist on the Index.aspx view, I can't use those credentials to access said view.
I have in my web.config:
What am I missing?
Don't set file permissions. Instead enable the WindowsAuthentication provider in your website in IIS, and add the [Authorize] attribute on the controller action. You can further filter the users that have access to these pages like this:
[RequireHttps, Authorize(Users="MyUser")]
public ActionResult Index()
{
return View();
}
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论