我的問題非常相似,除了我需要遍歷所有 目錄和相關子目錄以及爲每個網頁和文件夾目錄顯示允許的角色的能力。我無法使用Ronald Wildenberg的解決方案,因爲我們使用.Net 2.0,所以我們沒有Linq功能。
他的解決方案給了我需要的路線圖。我還從微軟的法國IIS支持團隊Managing Forms Authentication Programmatically找到了幫助。我不想重寫他們發佈的配置文件,而是需要能夠在我們的應用程序中顯示所有目錄和頁面的允許角色。我們的應用程序很小。它總共有15個目錄和少於100個頁面,因此它運行速度非常快。您的里程數取決於您網站的大小。
我從根目錄開始遞歸搜索所有web配置。我將它們的路徑添加到字符串列表中,然後遍歷列表並調用我的ListRoles函數。該功能打開web配置並獲取位置集合。然後它像羅納德那樣尋找「system.web/authorization」。如果它找到一個授權部分,它將遍歷規則並排除任何繼承的規則並關注AuthorizationRuleAction。與相關聯的角色允許:
using System;
using System.Collections.Generic;
using System.Configuration;
using System.IO;
using System.Web.Configuration;
public void DisplayWebPageRoles()
{
//First walk the directories and find folders with Web.config files.
//Start at the root
DirectoryInfo baseDir = new DirectoryInfo(Server.MapPath("~/"));
//Do a little recursion to find Web.Configs search directory and subdirs
List<string> dirs = DirectoriesWithWebConfigFile(baseDir);
//Replace the folder path separator except for the baseDir
for (int i = 0; i < dirs.Count; i++)
{
dirs[i] = dirs[i].Replace(
baseDir.FullName.Replace("\\", "/"),
"/" + baseDir.Name + (i > 0 ? "/" : ""));
}
//Now that we have the directories, we open the Web.configs we
//found and find allowed roles for locations and web pages.
for (int i = 0; i < dirs.Count; i++)
{
//Display on page, save to DB, etc...
ListRoles(dirs[i]);
}
}
public List<string> DirectoriesWithWebConfigFile(DirectoryInfo directory)
{
List<string> dirs = new List<string>();
foreach (FileInfo file in directory.GetFiles("Web.config"))
{
dirs.Add(directory.FullName.Replace("\\","/"));
}
foreach (DirectoryInfo dir in directory.GetDirectories())
{
dirs.AddRange(DirectoriesWithWebConfigFile(dir));
}
return dirs;
}
private void ListRoles(string configFilePath)
{
System.Configuration.Configuration configuration =
WebConfigurationManager.OpenWebConfiguration(configFilePath);
//Get location entries in web.config file
ConfigurationLocationCollection locCollection = configuration.Locations;
string locPath = string.Empty;
foreach (ConfigurationLocation loc in locCollection)
{
try
{
Configuration config = loc.OpenConfiguration();
//Get the location path so we know if the allowed roles are
//assigned to a folder location or a web page.
locPath = loc.Path;
if (locPath.EndsWith(".js")) //Exclude Javascript libraries
{
continue;
}
AuthorizationSection authSection =
(AuthorizationSection)config
.GetSection("system.web/authorization");
if (authSection != null)
{
foreach (AuthorizationRule ar in authSection.Rules)
{
if (IsRuleInherited(ar))
{
continue;
}
if (ar.Action == AuthorizationRuleAction.Allow
&& ar.Roles != null
&& ar.Roles.Count > 0)
{
for (int x = 0; x < ar.Roles.Count; x++)
{
//Display on page, save to DB, etc...
//Testing
//Response.Write(
// configFilePath + "/web.config" + ","
// + configFilePath + "/" + locPath + ","
// + ar.Roles[x] + "<br />");
}
}
}
}
}
catch (Exception ex)
{
//Your Error Handling Code...
}
}
}
From French IIS support Team blog
private bool IsRuleInherited(AuthorizationRule rule)
{
//to see if an access rule is inherited from the web.config above
//the current one in the hierarchy, we look at two PropertyInformation
//objects - one corresponding to roles and one corresponding to
//users
PropertyInformation usersProperty = rule.ElementInformation.Properties["users"];
PropertyInformation rolesProperty = rule.ElementInformation.Properties["roles"];
//only one of these properties will be non null. If the property
//is equal to PropertyValueOrigin.Inherited, the this access rule
//if not returned in this web.config
if (usersProperty != null)
{
if (usersProperty.ValueOrigin == PropertyValueOrigin.Inherited)
return true;
}
if (rolesProperty != null)
{
if (rolesProperty.ValueOrigin == PropertyValueOrigin.Inherited)
return true;
}
return false;
}
你能在下面標記爲正確的答案呢? – 2012-06-19 07:40:35