How do I configure ASP.net forms authentication to

2019-06-14 01:43发布

I have a site where I have a admin.aspx page.

Once the user has logged into the Admin.aspx page successfully, they will then be redirected to the Report.aspx page. Note that the Report.aspx page cannot be accessed without first successfully logging into Admin.aspx page.

Keep in mind that there are other pages like index.aspx, etc which any user can view without logging in. I just need the authentication for JUST the Report.aspx page.

I have the following code but does not seem to work as it says problem with virtual directory. Am I doing something fundamentally wrong?

  <location path="Report.aspx">
    <system.web>
        <authentication mode="Forms">
            <forms loginUrl="Login.aspx" >
                <credentials passwordFormat="Clear">
                    <user name="John" password="pass@432"/>
                </credentials>
            </forms>
        </authentication>
        <authorization>
            <deny users="*" />
        </authorization>
    </system.web>
</location>

3条回答
男人必须洒脱
2楼-- · 2019-06-14 02:21

In web.config file:

<location path="Default.aspx">
    <system.web>
        <authorization>
            <allow roles="Administrator, User, AdditionalUser" />
        </authorization>
    </system.web>
</location>

ASP.NET Forms Auth Allowing access to specific file in subdirectory when all others should be denied

http://weblogs.asp.net/gurusarkar/archive/2008/09/29/setting-authorization-rules-for-a-particular-page-or-folder-in-web-config.aspx

查看更多
【Aperson】
3楼-- · 2019-06-14 02:29

First it seems you are not allowing your user John. You also might want to try pulling the authentication section of out of the locaiton specific parts of the config file:

<configuration>
  <system.web>
    <authentication mode="Forms">
      <forms loginUrl="Login.aspx" defaultUrl="Report.aspx">
        <credentials passwordFormat="Clear">
          <user name="John" password="pass@432"/>
        </credentials>
      </forms>
    </authentication>
  </system.web>

  <location path="Report.aspx">
    <system.web>
      <authorization>
        <allow users="John"/>
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>
</configuration>
查看更多
一夜七次
4楼-- · 2019-06-14 02:36

To redirect the user after a successful login, use the DestinationPageUrl property.

<%@ Page Language="C#" autoEventWireup="false" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<script runat="server">
        void PageLoad(Object sender, EventArgs e)
        {
            Login1.DestinationPageUrl = 
                String.Format("terms.aspx?{0}", Request.QueryString.ToString());
        }
</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
    <head runat="server">
    <title>ASP.NET Example</title>
</head>
<body>
        <form id="form1" runat="server">
            <asp:Login id="Login1" runat="server" 
                DestinationPageUrl="terms.aspx">
            </asp:Login>
        </form>
    </body>
</html>
查看更多
登录 后发表回答