Generally, the solution for small files is to directly read the file on the server and then output the file. This avoids the exposure of the file address. This is a solution. What I want to talk about now is to use the TransmitFile method to output files directly. However, I have not tested how powerful this method is to support large files and how much performance overhead it will bring, if you are interested, you can test it and make comments.
Now, let's go to the topic. Generally, for the download site, we think of traffic problems, so we automatically think that we should deploy the file and program code separately. So I made a second-level domain name for the file separately. Let's call it file.xxx.com. The domain name of the primary website is www.xxx.com, or other second-level domain names.
The first step is to achieve identity authentication and sharing between the two sites. For example, after logging on to the main site, the automatic substation will achieve logon. net Forms authentication can easily achieve this function, the underlying idea is actually the principle of sharing cookies. The second step is to filter permissions for the file site. Next we will add web. config to the main site and the file site at the same time. Add the same configuration to them. The main configuration code of Web. config is as follows:
Copy codeThe Code is as follows:
<? Xml version = "1.0" encoding = "UTF-8"?>
<Configuration>
<ConnectionStrings>
</ConnectionStrings>
<Deleetask>
</AppSettings>
<System. web>
<Authentication mode = "Forms">
<Forms loginUrl = "~ /Home/LogOn "defaultUrl ="/"timeout =" 600 "slidingExpiration =" true "name =" File "path ="/"enableCrossAppRedirects =" true "> </forms>
</Authentication> <MachineKey validationKey = "encrypt" decryptionKey = "AAA2B3F76A9359431E717CA8275EE72EEEDC70ED55152010" validation = "SHA1"/>
</System. web>
<! -- This node only needs to be added to the file station --> <system. webServer>
<Handlers>
<Add name = "*. *" path = "*. *" verb = "*" type = "Web. Handler. Download"/>
</Handlers>
</System. webServer>
</Configuration>
The preceding configuration files have several key configuration points for cross-origin access: 1. the authentication name must be the same, and path = "/" indicates that the cookie storage path is the root domain name, enableCrossAppRedirects = "true" indicates whether authentication can be redirected to other applications. 2. Configure the httpCookie node as a top-level domain name. 3. The machinekey of the two sites must be the same. For permission control, the access filter in. Net, that is, the IHttpHandler interface, is implemented to intercept access. The implementation method is also very simple, as long as the ProcessRequest method is implemented, the following is my code:
Copy codeThe Code is as follows:
Namespace Web. Handler
{
/// <Summary>
/// File Download and login verification
/// </Summary>
Public class Download: IHttpHandler
{
Public bool IsReusable
{
Get
{
Return true;
}
}
Public void ProcessRequest (HttpContext context)
{
If (context. User. Identity. IsAuthenticated)
{
String fileName = context. Server. MapPath (context. Request. FilePath );
Context. Response. ContentType = Path. GetExtension (fileName );
Context. Response. TransmitFile (context. Request. FilePath );
}
Else
{
Context. Response. Write ("You are not logged on! ");
}
}
}
}
After the above Code is written, the filtering configuration is added. Pay attention to the preceding configuration file comment. The most important configuration section is: <add name = "*. * "path = "*. * "verb =" * "type =" Web. handler. download "/> name is the name of the filter. If you enter it casually, path indicates the suffix of the file you want to filter. I need to filter all files, so use * directly *. * If only jpg and gif images are filtered, you can change it :*. jpg ,*. gif. type indicates the Dll address of the filter, that is, the full name of the class that implements IHttpHandler. OK. The file access control is complete. Note: Since IIS7 is used, the Handler here is added to the system. webSever node. IIS6 and earlier versions can be added directly to the system. web node.