This site is running PHP on IIS 7.5, and access to the site is restricted to an Active Directory group via the web.config, as follows:

此站点在IIS 7.5上运行PHP，并且通过web.config将对站点的访问限制为Active Directory组，如下所示：

<security>
    <authorization>
        <remove users="*" roles="" verbs="" />
        <add accessType="Allow" roles="DOMAIN\AD-GROUP" />
    </authorization>
 </security>

The only URL rewriting being done is to send most URLs to index.php, and CodeIgniter handles routing after that.

唯一的URL重写是将大多数URL发送到index.php，然后CodeIgniter处理路由。

There's a specific URL pattern that needs to be exposed to users not in that specific Active Directory group, however. It's not a file, which I believe the <location> tag is used for; it needs to be based on the URL.

但是，有一个特定的URL模式需要向不在该特定Active Directory组中的用户公开。它不是一个文件，我相信 标签用于;它需要基于URL。

Additional context: this is for a URL pattern in a single page/AngularJS application. An example: in a project management application, users of the app can create tasks, upload files, post notes (e.g., http://domain/#/project/1234/tasks). All of those users are in the AD-GROUP group. For each project, there's a cover page of sorts for the project that can be given out to non-users within the organization (http://domain/#/project/1234/public). They won't be in that specific AD group, but they need to view that page.

附加上下文：这是针对单页/ AngularJS应用程序中的URL模式。例如：在项目管理应用程序中，应用程序的用户可以创建任务，上传文件，发布笔记（例如，http：// domain /＃/ project / 1234 / tasks）。所有这些用户都在AD-GROUP组中。对于每个项目，都有一个项目类型的封面页，可以发给组织内的非用户（http：// domain /＃/ project / 1234 / public）。它们不在特定的AD组中，但是他们需要查看该页面。

Is this possible to do in the web.config, given that it's based on the hash in the URL? If not, what's an alternate way to restrict based on an AD group if not the web.config?

这是否可以在web.config中进行，因为它基于URL中的哈希？如果不是，如果不是web.config，基于AD组限制的另一种方法是什么？

1 个解决方案

#1

---