Access verification setting method of HTML page in ASP. NET

There may be many friends and I who will not notice such problems. In ASP. NET, using its own provided access authentication functions (form authentication, Passport authentication, Windows authentication), there is no access restriction on static files (such as html, image files, text files, etc.), and even if these files are placed in folders that need authentication before access, anonymous users can still access these files. This is because static files are processed by IIS by default, and IIS does not forward requests for these files to ASP. NET for processing, so permission verification in ASP. NET loses its function. In other words, these files are not under the jurisdiction of ASP. NET.

So, how do you place these files under the jurisdiction of ASP. NET? Taking html file as an example, the simplest way is to change the suffix of html file to aspx, which is very simple and practical, but it is not formal. Another method is to set IIS, so that IIS transfers the processing rights of html files to ASP. NET. The settings are as follows:

(1) Open IIS, find the ASP. NET application that needs to be set, and open the properties dialog box.

(2) There is one "Application Settings" in the "Virtual Directory" tab. Click the "Settings" button here to pop up a new dialog box.

(3) In the "Correspondence" tab, click the "Add" button to increase the correspondence between the suffix of. htm and the handler. For specific settings, please refer to the settings of. aspx.

After setting up, visit the html file in the directory that needs to be verified again, and you will go to the login page to prompt the user to log in, indicating that the access verification has taken effect. But it is still not finished, because after logging in, you will find that the htm file is wrong. This involves HttpHandler, because for ASP. NET, this is equivalent to enabling a new file type, but there is no corresponding handler. Therefore, it is necessary to change the settings of web. config and register a new handler. For html files, we can use the handler of aspx files, so the settings are as follows:

<system.web>
...
<httpHandlers>
...
<!--  Add the suffix as  htm  File handler, used here  aspx  File handler  -->
<add verb="*" path="*.htm" type="System.Web.UI.PageHandlerFactory"/>
</httpHandlers>
...
</system.web>

Access again, this time with a compilation error, because the corresponding compiler for the htm file is missing, and modify web. config:

<system.web>
<compilation>
...
<!--  Set the suffix to  htm  The compiler of the file, which is used here  aspx  Compiler of file  -->
<buildPRoviders>
<add extension=".htm" type="System.Web.Compilation.PageBuildProvider"/>
</buildProviders>
</compilation>
...
</system.web>

This time, access the html file, which, as we expected, needs to be authenticated and displays properly. In fact, the core of this problem lies in the understanding of HttpHandler. In addition, it is said that in IIS 7, this problem can be solved by simply placing the application in the application pool with the mode Integrated.

If it is not a special requirement or if you have to use HTML static pages, I think it is relatively simple to convert html into aspx. Customer deployment does not require too much configuration, and some customers are annoyed to deploy the system for configuration, so it is better to be simple.