Authenticated

Authenticated

关注
发信
关注(28)粉丝(399)

如何限制一个JavaScript文件来只有经过身份验证的用户服务?

本文介绍了如何限制一个JavaScript文件来只有经过身份验证的用户服务?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个使用2身份进行验证的WebAPI 2 / AngularJS SPA应用。我在本地code存储进行身份验证令牌。我想实现的功能,可以让我最初的index.html页面已经被下载后,我的应用程序请求额外的JavaScript用于身份验证的用户。

I have a WebAPI 2 / AngularJS SPA application that uses Identity 2 for authentication. Locally my code stores a token for authentication. I would like to implement functionality that allows my application to request additional javascript for authenticated users after my initial index.html page has been downloaded.

有没有一种办法可以让我的服务器code给出了在 JavaScript文件以只有经过身份验证和授权的用户?类似的东西到一个控制器操作方法返回的数据只有经过身份验证和授权用户的方式。

Is there a way I can make my server code give out the javascript files to only authenticated and authorized users? Something similar to the way a controller action method returns data to only authenticated and authorized users.

推荐答案

您可以强制静态文件要经过服务器,以便通过设置它的web.config文件,以确保认证:

You can force the static files to go through the server in order to ensure authentication by setting it up on the web.config:

的Web.config 

<compilation>
    <buildProviders>
        <add extension=".html" type="System.Web.Compilation.PageBuildProvider" />
        <add extension=".htm" type="System.Web.Compilation.PageBuildProvider" />
         <add extension=".js" type="System.Web.Compilation.ForceCopyBuildProvider"/>
    </buildProviders>
</compilation>

<system.webServer>
     <handlers>
         <add name="HTML" path="*.html" verb="GET, HEAD, POST, DEBUG"   type="System.Web.UI.PageHandlerFactory" resourceType="Unspecified" requireAccess="Script" />
         <add name="HTM" path="*.htm" verb="GET, HEAD, POST, DEBUG" type="System.Web.UI.PageHandlerFactory" resourceType="Unspecified" requireAccess="Script" />
     </handlers>
</system.webServer>

这将让我建立&LT;授权&GT; 在我的web.config,因为我想要的,喜欢的位置:

This will allow me to set up <authorization> in my web.config for the locations I want, like:

地点:脚本/安全/演示

Location: scripts/secured/demo

<authorization>
  <allow roles="demo" />
</authorization>

或地点:脚本/安全/

or Location: scripts/secured/

 <authorization>
   <deny users="?" />
 </authorization>

http://msdn.microsoft.com/en-us/library/h0e51sw9(v=vs.85).aspx

有一个类似的问题是,最近是否有帮助:

A similar question was recently if it helps:

这篇关于如何限制一个JavaScript文件来只有经过身份验证的用户服务?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-21 07:24
Powered by LMLPHP ©2024 Authenticated 0.036780