我的 web.config 文件中有以下设置。如果用户未登录,它基本上会限制对页面的访问。如果我不想使用 asp 登录控件或实现成员(member)资格提供程序,我如何“告诉”asp loginregister.aspx 页面已授权该请求如果我想实现自己的登录系统?
谢谢。
<authentication mode="Forms">
<forms loginUrl="~/loginregister.aspx"
name=".ASPXFORMSAUTH" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
<location path="~/secretpage.aspx" allowOverride="true">
<system.web>
<compilation debug="true" />
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
最佳答案
验证用户后,设置票证...
Response.Cookies.Add(TicketHelper.CreateAuthCookie(Login1.UserName, userData, Login1.RememberMeSet /*persistent cookie*/));
使用这个辅助类...
如果使用登录控件,请在经过身份验证的事件处理程序中执行此操作。
using System;
using System.Web;
using System.Web.Security;
namespace CustomAuthRepurposingFormsAuth
{
public static class TicketHelper
{
/// <summary>
///
/// </summary>
/// <param name="userName"></param>
/// <param name="userData">be mindful of the cookie size or you will be chasing ghosts</param>
/// <param name="persistent"></param>
/// <returns></returns>
public static HttpCookie CreateAuthCookie(string userName, string userData, bool persistent)
{
DateTime issued = DateTime.Now;
// formsAuth does not expose timeout!? have to hack around the
// spoiled parts and keep moving..
HttpCookie fooCookie = FormsAuthentication.GetAuthCookie("foo", true);
int formsTimeout = Convert.ToInt32((fooCookie.Expires - DateTime.Now).TotalMinutes);
DateTime expiration = DateTime.Now.AddMinutes(formsTimeout);
string cookiePath = FormsAuthentication.FormsCookiePath;
var ticket = new FormsAuthenticationTicket(0, userName, issued, expiration, true, userData, cookiePath);
return CreateAuthCookie(ticket, expiration, persistent);
}
public static HttpCookie CreateAuthCookie(FormsAuthenticationTicket ticket, DateTime expiration, bool persistent)
{
string creamyFilling = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, creamyFilling)
{
Domain = FormsAuthentication.CookieDomain,
Path = FormsAuthentication.FormsCookiePath
};
if (persistent)
{
cookie.Expires = expiration;
}
return cookie;
}
}
关于c# - 如何设置 ASP.NET 身份验证属性,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/996588/