假设A是web服务器,B是资源服务器,文件要通过A服务器上的web程序上传到B服务器。
步骤如下:
1、在B服务器上面新建并共享一个文件夹,比如D:\UploadFiles。在IIS下新建一个虚拟目录UploadFiles,指向D:\UploadFiles。
2、在B服务器上新建一个用户,比如:用户名是chenya,密码是123456。
3、将用户chenya添加到UploadFiles的权限组里去,并且选择“完全控制”。如果不行,看看是不是ASP.NET和Users没有加。值得注意的是,我们还需要在服务器A上同样的加上chenya用户,密码也要一样,这是在后面代码里用来登录映射驱动器的。
4、如果Administrator是空密码,那么所有的用户都可以访问该目录了,这肯定是不被允许的。所以一定要为Administrator设置一个密码,并且确保使用服务器B时必须输入用户名和密码(在运行里输入control userpasswords2),当然,作为服务器B而言,管理员用户是必须要设置密码的,不管我们要不要上传东西。这样的话,每当匿名用户访问时都需要输入授权的用户名和密码,这时chenya用户就派上用场了。
5、最后,我们需要把服务器B上的UploadFiles映射成服务器A的网络驱动器,这样服务器A就可以像访问自己本地的硬盘一样访问UploadFiles了,就是在上传的cs文件里引入以下代码:
view plaincopy to clipboardprint? public const int LOGON32_LOGON_INTERACTIVE = 2; public const int LOGON32_PROVIDER_DEFAULT = 0; System.Security.Principal.WindowsImpersonationContext impersonationContext; [DllImport("advapi32.dll", CharSet = CharSet.Auto)] public static extern int LogonUser(String lpszUserName, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken); [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)] public extern static int DuplicateToken(IntPtr hToken, int impersonationLevel, ref IntPtr hNewToken); private bool impersonateValidUser(String userName, String domain, String password) { IntPtr token = IntPtr.Zero; IntPtr tokenDuplicate = IntPtr.Zero; if (LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref token) != 0) { if (DuplicateToken(token, 2, ref tokenDuplicate) != 0) { System.Security.Principal.WindowsIdentity tempWindowsIdentity; tempWindowsIdentity = new System.Security.Principal.WindowsIdentity(tokenDuplicate); impersonationContext = tempWindowsIdentity.Impersonate(); if (impersonationContext != null) return true; else return false; } else return false; } else return false; } private void undoImpersonation() { impersonationContext.Undo();//回退为未更改前账户 } //开始上传 protected void UploadFile() { string m_path = @"http://www.cnblogs.com/ghfsusan/admin/file://192.168.1.100/UploadFiles"; m_path = Path.Combine(m_path, "demo"); //临时更改为跟网络硬盘相同用户名密码的账户(此账户必须在网络盘有写入权限)本机也需要同样帐号密码的帐户 if (impersonateValidUser("chenya", "192.168.1.100", "123456")) { //登陆后处理密码 if (!Directory.Exists(m_path)) { try { Directory.CreateDirectory(m_path); Directory.CreateDirectory(Path.Combine(m_path, "Video")); Directory.CreateDirectory(Path.Combine(m_path, "Html")); Directory.CreateDirectory(Path.Combine(m_path, "Doc")); } catch (Exception e) { Response.Write(e.Message); } FileUpload1.SaveAs(@"http://www.cnblogs.com/ghfsusan/admin/file://192.168.1.100/UploadFiles/demo/newfile.rar"); undoImpersonation();//回退为未更改前账户 } } public const int LOGON32_LOGON_INTERACTIVE = 2; public const int LOGON32_PROVIDER_DEFAULT = 0; System.Security.Principal.WindowsImpersonationContext impersonationContext;
[DllImport("advapi32.dll", CharSet = CharSet.Auto)] public static extern int LogonUser(String lpszUserName, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken); [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)] public extern static int DuplicateToken(IntPtr hToken, int impersonationLevel, ref IntPtr hNewToken);
private bool impersonateValidUser(String userName, String domain, String password) { IntPtr token = IntPtr.Zero; IntPtr tokenDuplicate = IntPtr.Zero;
if (LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref token) != 0) { if (DuplicateToken(token, 2, ref tokenDuplicate) != 0) { System.Security.Principal.WindowsIdentity tempWindowsIdentity; tempWindowsIdentity = new System.Security.Principal.WindowsIdentity(tokenDuplicate); impersonationContext = tempWindowsIdentity.Impersonate(); if (impersonationContext != null) return true; else return false; } else return false; } else return false; } private void undoImpersonation() { impersonationContext.Undo();//回退为未更改前账户 }
//开始上传 protected void UploadFile() { string m_path = @"http://www.cnblogs.com/ghfsusan/admin/file://192.168.1.100/UploadFiles"; m_path = Path.Combine(m_path, "demo");
//临时更改为跟网络硬盘相同用户名密码的账户(此账户必须在网络盘有写入权限)本机也需要同样帐号密码的帐户 if (impersonateValidUser("chenya", "192.168.1.100", "123456")) { //登陆后处理密码 if (!Directory.Exists(m_path)) { try { Directory.CreateDirectory(m_path); Directory.CreateDirectory(Path.Combine(m_path, "Video")); Directory.CreateDirectory(Path.Combine(m_path, "Html")); Directory.CreateDirectory(Path.Combine(m_path, "Doc")); } catch (Exception e) { Response.Write(e.Message); } FileUpload1.SaveAs(@"http://www.cnblogs.com/ghfsusan/admin/file://192.168.1.100/UploadFiles/demo/newfile.rar"); undoImpersonation();//回退为未更改前账户 } }
这时已经基本上完成了配置了,但在上传的时候,还是会出现无法访问Temp目录的错误,因为文件从A到B的过程中,是先存入服务器A的Temp临时文件夹的,如果没有权限,依然会出错,解决方法:将Users加入到Temp目录的权限组,把读取,写入,修改都打开即可。
随便从一台机器上传一下,是不是已经在B服务器上看到你传的东西了???
本文来自CSDN博客,转载请标明出处:http://blog.csdn.net/kingya2008/archive/2009/07/12/4341763.aspx
|
请发表评论