Say I have a virtual folder /topFolder/ in IIS7, and in that folder there can be any file that can be displayed in a browser (xml, html, swf, doc etc - typically "unmanaged" resources from the IIS perspective). Before giving the request permission to open any file below the folder, I need to check some session variables in order to see if the user has a "license" for the subfolder and file in question.

假设我在IIS7中有一个虚拟文件夹/ topFolder /,并且在该文件夹中可以有任何可以在浏览器中显示的文件(xml,html,swf,doc等 - 通常是IIS透视图中的“非托管”资源)。在给予请求权限以打开文件夹下面的任何文件之前,我需要检查一些会话变量,以查看用户是否具有相关子文件夹和文件的“许可证”。

I've tried implementing a module with IHttpModule and IReadOnlySessionState interfaces, but the Session is always null on the AcquireRequestState event when the file is "static" and not IIS managed (like aspx, ashx etc).

我已经尝试使用IHttpModule和IReadOnlySessionState接口实现模块,但是当文件是“静态”而不是IIS管理(如aspx,ashx等)时,会话在AcquireRequestState事件上始终为null。

If I use a custom HttpHandler, I get the session, but then I also need to implement how the content is sent to response. Edit: Since the user isn't downloading the file, I just want IIS to serve the file like it does with its StaticFileModule. The Handler/Module should really be a StaticFileModuleWithAuthorizationHook...

如果我使用自定义HttpHandler,我会得到会话,但是我还需要实现如何将内容发送到响应。编辑:由于用户没有下载文件,我只希望IIS像使用StaticFileModule一样提供文件。处理程序/模块应该是一个StaticFileModuleWithAuthorizationHook ...

So I really want to do the following: 1. For request /topFolder/* : check session and licenses etc a) If ok, continue serving file b) If not ok, interrupt request, or just send FORBIDDEN in response.

所以我真的想要做以下事情:1。对于request / topFolder / *:检查会话和许可证等a)如果没问题,继续提供文件b)如果不正常,请中断请求,或者只是发送FORBIDDEN作为响应。

Hope someone can help.

希望有人能提供帮助。

1 个解决方案

#1

---