也许很多朋友在做WEB项目的时候都会碰到这样一个需求:
当用户上传文件时,需要将上传的文件保存到另外一台专门的文件服务器。
要实现这样一个功能,有两种解决方案:
方案一、在文件服务器上新建一站点,用来接收上传的文件,然后保存。
方案二、将文件服务器的指定目录共享给WEB服务器,用来保存文件。
方案一不用多说,应该是很简单的了,将上传文件的FORM表单的ACTION属性指向文件服务器上的站点即可,我们来重点说下方案二。
也许你会说,其实方案二也很简单,在WEB服务器上做下磁盘映射,然后直接访问不就行了。其实不是这样的,IIS默认账户为NETWORK_SERVICE,该账户是没权限访问共享目录的,所以当你把站点部署到IIS上的时候,再访问映射磁盘就会报“找不到路径”的错误。所以,直接创建磁盘映射是行不通的,我们需要在程序中用指定账户创建映射,并用该账户运行IIS进程,下面来说下详细步骤及相关代码。
1、在文件服务器上创建共享目录,并新建访问账户。
比如共享目录为:\\192.168.0.9\share
访问账户为:user-1 密码为:123456
2、在WEB服务器上新建用户:user-1 密码为:123456,用户组选择默认的user组即可。
3、在WEB项目中新建公共类WNetHelper
- using System.Runtime.InteropServices;
- public class WNetHelper
- {
- [DllImport("mpr.dll", EntryPoint = "WNetAddConnection2")]
- private static extern uint WNetAddConnection2(NetResource lpNetResource, string lpPassword, string lpUsername, uint dwFlags);
- [DllImport("Mpr.dll", EntryPoint = "WNetCancelConnection2")]
- private static extern uint WNetCancelConnection2(string lpName, uint dwFlags, bool fForce);
- [StructLayout(LayoutKind.Sequential)]
- public class NetResource
- {
- public int dwScope;
- public int dwType;
- public int dwDisplayType;
- public int dwUsage;
- public string lpLocalName;
- public string lpRemoteName;
- public string lpComment;
- public string lpProvider;
- }
- /// <summary>
- /// 为网络共享做本地映射
- /// </summary>
- /// <param name="username">访问用户名(windows系统需要加计算机名,如:comp-1\user-1)</param>
- /// <param name="password">访问用户密码</param>
- /// <param name="remoteName">网络共享路径(如:\\192.168.0.9\share)</param>
- /// <param name="localName">本地映射盘符</param>
- /// <returns></returns>
- public static uint WNetAddConnection(string username, string password, string remoteName, string localName)
- {
- NetResource netResource = new NetResource();
- netResource.dwScope = 2;
- netResource.dwType = 1;
- netResource.dwDisplayType = 3;
- netResource.dwUsage = 1;
- netResource.lpLocalName = localName;
- netResource.lpRemoteName = remoteName.TrimEnd(\'\\\');
- uint result = WNetAddConnection2(netResource, password, username, 0);
- return result;
- }
- public static uint WNetCancelConnection(string name, uint flags, bool force)
- {
- uint nret = WNetCancelConnection2(name, flags, force);
- return nret;
- }
- }
4、为IIS指定运行账户user-1
要实现此功能,有两种办法:
a) 在web.config文件中的<system.web>节点下,添加如下配置:<identity impersonate="true" userName="user-1" password="123456" />
b) 在WEB项目中添加公用类LogonImpersonate
- public class LogonImpersonate : IDisposable
- {
- static public string DefaultDomain
- {
- get
- {
- return ".";
- }
- }
- const int LOGON32_LOGON_INTERACTIVE = 2;
- const int LOGON32_PROVIDER_DEFAULT = 0;
- [System.Runtime.InteropServices.DllImport("Kernel32.dll")]
- extern static int FormatMessage(int flag, ref IntPtr source, int msgid, int langid, ref string buf, int size, ref IntPtr args);
- [System.Runtime.InteropServices.DllImport("Kernel32.dll")]
- extern static bool CloseHandle(IntPtr handle);
- [System.Runtime.InteropServices.DllImport("Advapi32.dll", SetLastError = true)]
- extern static bool LogonUser(
- string lpszUsername,
- string lpszDomain,
- string lpszPassword,
- int dwLogonType,
- int dwLogonProvider,
- ref IntPtr phToken
- );
- IntPtr token;
- System.Security.Principal.WindowsImpersonationContext context;
- public LogonImpersonate(string username, string password)
- {
- if (username.IndexOf("\\") == -1)
- {
- Init(username, password, DefaultDomain);
- }
- else
- {
- string[] pair = username.Split(new char[] { \'\\\' }, 2);
- Init(pair[1], password, pair[0]);
- }
- }
- public LogonImpersonate(string username, string password, string domain)
- {
- Init(username, password, domain);
- }
- void Init(string username, string password, string domain)
- {
- if (LogonUser(username, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref token))
- {
- bool error = true;
- try
- {
- context = System.Security.Principal.WindowsIdentity.Impersonate(token);
- error = false;
- }
- finally
- {
- if (error)
- CloseHandle(token);
- }
- }
- else
- {
- int err = System.Runtime.InteropServices.Marshal.GetLastWin32Error();
- IntPtr tempptr = IntPtr.Zero;
- string msg = null;
- FormatMessage(0x1300, ref tempptr, err, 0, ref msg, 255, ref tempptr);
- throw (new Exception(msg));
- }
- }
- ~LogonImpersonate()
- {
- Dispose();
- }
- public void Dispose()
- {
- if (context != null)
- {
- try
- {
- context.Undo();
- }
- finally
- {
- CloseHandle(token);
- context = null;
- }
- }
- }
- }
在访问映射磁盘之前首先调用此类为IIS更换运行用户:LogonImpersonate imper = new LogonImpersonate("user-1", "123456");
5、在访问共享目录前,调用WNetHelper.WNetAddConnection,添加磁盘映射
- public static bool CreateDirectory(string path)
- {
- uint state = 0;
- if (!Directory.Exists("Z:"))
- {
- state = WNetHelper.WNetAddConnection(@"comp-1\user-1", "123456", @"\\192.168.0.9\share", "Z:");
- }
- if (state.Equals(0))
- {
- Directory.CreateDirectory(path);
- return true;
- }
- else
- {
- throw new Exception("添加网络驱动器错误,错误号:" + state.ToString());
- }
- }
6、完成。
简洁代码就是:
LogonImpersonate imper = new LogonImpersonate("user-1", "123456");
WNetHelper.WNetAddConnection(@"comp-1\user-1", "123456", @"\\192.168.0.9\share", "Z:");
Directory.CreateDirectory(@"Z:\newfolder");
file1.SaveAs(@"Z:\newfolder\test.jpg");
请发表评论