(原创)文件安全下载

1、IIS设置

1）启动IIS.

2）创建一个新的名字为Security的虚拟目录.

　　如图设置：

3）创建一个名字为Download的虚拟目录

　　设置如图：

　　

 

2、修改项中的web.config

 

//下载目录相对路径
<add key="UploadPath" value="/Security/Uploads" />

//下载目录虚拟路径
<add key="DownloadURL" value="http://localhost/downloads" />

//windows用户名
<add key="BasicAuthenticationUser" value="administrator" />

//windows用户密码
<add key="BasicAuthenticationPWD" value="admin$123" />

 

3、下载程序

 

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Net;
using System.IO;
namespace security
{
    /// <SUMMARY>

    /// </SUMMARY>
    public class SecureFile
    {
        public SecureFile()
        {

        }
        public bool UploadFile(HtmlInputFile inputfile)
        {
            try
            {
                string fileName = "";
                string DirPath = "";
            
                if(( inputfile.PostedFile != null ) && 
                   ( inputfile.PostedFile.ContentLength > 0 ))
                {
                    DirPath=HttpContext.Current.Server.MapPath(
                      System.Configuration.ConfigurationSettings.AppSettings[
                      "UploadPath"]);
                    fileName = System.IO.Path.GetFileName(
                                     inputfile.PostedFile.FileName );
                    inputfile.PostedFile.SaveAs( DirPath + "\\\" + fileName  );
                }
                return true;
            }
            catch
            {
                return false;
            }
        }

        public bool DownloadFile(string strFile)
        {
            try
            {
                string strDownloadURL=
                  System.Configuration.ConfigurationSettings.AppSettings[
                  "DownloadURL"];
                string strUser=
                  System.Configuration.ConfigurationSettings.AppSettings[
                  "BasicAuthenticationUser"];
                string strPWD=
                  System.Configuration.ConfigurationSettings.AppSettings[
                  "BasicAuthenticationPWD"];
                string strURL=strDownloadURL + "\\\" + strFile;

                WebClient req=new WebClient();

                CredentialCache mycache=new CredentialCache();
                mycache.Add(new Uri(strURL),"Basic", 
                            new NetworkCredential(strUser,strPWD));
                req.Credentials=mycache;
                HttpResponse response = HttpContext.Current.Response;
                response.Clear();
                response.ClearContent();
                response.ClearHeaders();
                response.Buffer= true;

                response.AddHeader("Content-Disposition", 
                  "attachment;filename=\"" + strFile + "\"");
                byte[] data=req.DownloadData(strURL);
                response.BinaryWrite(data);
                response.End();
                return true;
            }
            catch(Exception ex)
            {
                if(ex.Message=="The remote server " + 
                               "returned an error: (404) Not Found.")
                    throw new Exception("File not found");
                else if(ex.Message=="The remote server" + 
                        " returned an error: (401) Unauthorized.")
                    throw new Exception("Unauthorized access");

                return false;
            }
        }
    }
}