ASP.NET forms authentication only redirects to default.aspx


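Problem description:

I am using ASP.NET forms authentication with an activation email. I have the registration working: it adds the user to the database and sends the activation email, the email is sent to the user, they click it and are activated. I am able to log in with the correct credentials, but every time it only redirects to default.aspx in the root of my project. I tried adding links to pages in the subdirectories that the role is allowed into - but it just takes you back to the login page. When you log in again - it just goes back to Default.aspx.

Here is login.aspx.vb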

Imports System.Data 
Imports System.Configuration 
Imports System.Data.SqlClient 
Imports System.Web.Security 
Imports Microsoft.VisualBasic 
Imports System 




Partial Class login 
Inherits System.Web.UI.Page 

Protected Sub ValidateUser(sender As Object, e As AuthenticateEventArgs) Handles Login1.Authenticate 
    Dim userID As Integer = 0 
    Dim roles As String = String.Empty 
    Session("roles") = Nothing 
    Using con As New SqlConnection("Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\BandDatabase.mdf;Integrated Security=True") 
     Using cmd As New SqlCommand("Validate_User") 
      cmd.CommandType = CommandType.StoredProcedure 
      cmd.Parameters.AddWithValue("@Username", Login1.UserName) 
      cmd.Parameters.AddWithValue("@Password", Login1.Password) 
      cmd.Connection = con 
      con.Open() 
      Dim reader As SqlDataReader = cmd.ExecuteReader() 
      If reader.Read() Then 
       userID = Convert.ToInt32(reader("UserId")) 
       roles = reader("RoleName").ToString() 
       Session("roles") = roles 
      End If 

      con.Close() 
     End Using 
     Select Case userID 
      Case 1 
       Login1.FailureText = "Username and/or password is incorrect." 
       Exit Select 
      Case 2 
       Login1.FailureText = "Account has not been activated." 
       Exit Select 
      Case Else 
       Dim ticket As New FormsAuthenticationTicket(1, Login1.UserName, DateTime.Now, DateTime.Now.AddMinutes(2880), Login1.RememberMeSet, roles, 
      FormsAuthentication.FormsCookiePath) 
       Dim hash As String = FormsAuthentication.Encrypt(ticket) 
       Dim cookie As New HttpCookie(FormsAuthentication.FormsCookieName, hash) 
       If ticket.IsPersistent Then 
        cookie.Expires = ticket.Expiration 
       End If 
       Response.Cookies.Add(cookie) 
       Response.Redirect(FormsAuthentication.GetRedirectUrl(Login1.UserName, Login1.RememberMeSet)) 
       Exit Select 
     End Select 
    End Using 
End Sub 
Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load 
    If Not Me.IsPostBack Then 
     If Me.Page.User.Identity.IsAuthenticated Then 
      FormsAuthentication.SignOut() 
      Response.Redirect("~/login.aspx") 
     Else 
      Session.Abandon() 
      Session.Clear() 
     End If 
    End If 
End Sub 
End Class 

Here is the code for the web config (root of the project - I read something about having to put a web config in each directory)

 <authentication mode="Forms"> 
     <forms defaultUrl="~/Default.aspx" loginUrl="~/login.aspx"  slidingExpiration="true" timeout="2880"> 
     </forms> 
    </authentication> 
    </system.web> 
     <!--https://www.codeproject.com/Articles/2905/Role-based-Security-with-Forms-Authentication--> 
     <location path="Admin"> 
     <system.web> 
     <authorization> 
     <!-- Order and case are important below --> 
     <allow roles="Admin" /> 
     <deny users="*" /> 
     </authorization> 
    </system.web> 
    </location> 
    <location path="Judges"> 
    <system.web> 
     <authorization> 
     <!-- Order and case are important below --> 
     <allow roles="Judge" /> 
     <deny users="*" /> 
     </authorization> 
    </system.web> 
    </location> 
    <location path="Students"> 
    <system.web> 
     <authorization> 
     <!-- Order and case are important below --> 
     <allow roles="Student" /> 
     <deny users="*" /> 
     </authorization> 
    </system.web> 
    </location> 

Here is the directory structure... [image: directory structure]

The full web config...

<?xml version="1.0"?> 
<!-- 
For more information on how to configure your ASP.NET application, please visit 
http://go.microsoft.com/fwlink/?LinkId=169433 
--> 
<configuration> 
    <system.webServer> 
    <validation validateIntegratedModeConfiguration="false" /> 
    <handlers> 
     <remove name="ChartImageHandler" /> 
     <add name="ChartImageHandler" preCondition="integratedMode" verb="GET,HEAD,POST" path="ChartImg.axd" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" /> 
     <add name="ReportViewerWebControlHandler" preCondition="integratedMode" verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" /> 
    </handlers> 
    </system.webServer> 
    <connectionStrings> 
    <add name="Database" connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True" 
     providerName="System.Data.SqlClient" /> 
    <add name="BandDatabaseConnectionString" connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\BandDatabase.mdf;Integrated Security=True" 
     providerName="System.Data.SqlClient" /> 
    </connectionStrings> 
    <system.web> 
    <httpHandlers> 
     <add path="ChartImg.axd" verb="GET,HEAD,POST" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" 
     validate="false" /> 
     <add path="Reserved.ReportViewerWebControl.axd" verb="*" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" 
     validate="false" /> 
    </httpHandlers> 
    <pages> 
     <controls> 
     <add tagPrefix="asp" namespace="System.Web.UI.DataVisualization.Charting" assembly="System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" /> 
     </controls> 
    </pages> 
    <compilation debug="true" strict="false" explicit="true" targetFramework="4.5"> 
     <buildProviders> 
     <add extension=".rdlc" type="Microsoft.Reporting.RdlBuildProvider, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" /> 
     </buildProviders> 
    </compilation> 
    <httpRuntime targetFramework="4.5" /> 
    <authentication mode="Forms"> 
     <forms defaultUrl="~/Default.aspx" loginUrl="~/login.aspx" slidingExpiration="true" timeout="2880"> 
     </forms> 
    </authentication> 
    </system.web> 
    <!--https://www.codeproject.com/Articles/2905/Role-based-Security-with-Forms-Authentication--> 
    <location path="Admin"> 
    <system.web> 
     <authorization> 
     <!-- Order and case are important below --> 
     <allow roles="Admin, Student, Judge" /> 
     <deny users="?" /> 
     </authorization> 
    </system.web> 
    </location> 
    <location path="Judges"> 
    <system.web> 
     <authorization> 
     <!-- Order and case are important below --> 
     <allow roles="Judge" /> 
     <deny users="?" /> 
     </authorization> 
    </system.web> 
    </location> 
    <location path="Students"> 
    <system.web> 
     <authorization> 
     <!-- Order and case are important below --> 
     <allow roles="Student" /> 
     <deny users="?" /> 
     </authorization> 
    </system.web> 
    </location> 
    <appSettings> 
    <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" /> 
    <add key="ChartImageHandler" value="storage=file;timeout=20;dir=c:\TempImageFiles\;" /> 
    </appSettings> 
    <system.net> 
    <mailSettings> 
     <smtp deliveryMethod="Network" from="[email protected]"> 
     <network host="localhost" userName="" password="" defaultCredentials="true" /> 
     </smtp> 
    </mailSettings> 
    </system.net> 
</configuration> 
+0

"I read something about having to put a web config in each directory" - are you doing that? – wazz

The web.config tells you where the login redirects to (Default.aspx):

<authentication mode="Forms"> 
    <forms defaultUrl="~/Default.aspx" 
     loginUrl="~/login.aspx" 
     slidingExpiration="true" timeout="2880"> 
    </forms> 
</authentication> 

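I have one login page that uses the web.config to redirect to the default page.

I also use separate login controls on some pages, which redirect to the page they are on.

Note: if a user is not allowed in the page/directory where they try to log in, they are automatically redirected to the default page.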

+0

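That is the default URL for all authentication types -- so why would they go there on successful authentication? I don't see anywhere in the role-specific sections to specify a "landing URL". default.aspx works as expected - I am just wondering why it won't go into any of the directories. I have confirmed the role IDs are correct - they still can't get into any of the pages inside the appropriate directory for that role –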

+0

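The *login page* redirects to the URL in the web.config. If you use a *login control* on another page (not the login page), I'm pretty sure it stays on that page after login. – wazz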

+0

Or are you saying they don't have access to the directories they are supposed to have access to? – wazz
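
The login code in the question stores the role name in the ticket's UserData (the sixth constructor argument), but ASP.NET does not populate roles from UserData on its own, so `<allow roles="...">` rules can only match once the application attaches those roles to the request principal. An added example, not part of the original thread, of doing that in Global.asax.vb; the class name and the comma-separated role format are assumptions.

```vb
Imports System
Imports System.Security.Principal
Imports System.Web
Imports System.Web.Security

' Assumed code-behind class for Global.asax (hypothetical name).
Public Class Global_asax
    Inherits HttpApplication

    ' PostAuthenticateRequest fires after FormsAuthenticationModule has
    ' validated the cookie and set Context.User, and before
    ' UrlAuthorizationModule evaluates the <authorization> rules.
    Protected Sub Application_PostAuthenticateRequest(sender As Object, e As EventArgs)
        Dim user As IPrincipal = HttpContext.Current.User
        If user Is Nothing OrElse Not user.Identity.IsAuthenticated Then Return

        ' Only forms-authenticated requests carry a ticket.
        Dim identity As FormsIdentity = TryCast(user.Identity, FormsIdentity)
        If identity Is Nothing Then Return

        ' UserData is whatever login.aspx.vb passed when it built the ticket.
        Dim userData As String = identity.Ticket.UserData
        If String.IsNullOrWhiteSpace(userData) Then Return

        ' Assumption: one role, or several separated by commas.
        Dim parts As String() = userData.Split(New Char() {","c},
                                               StringSplitOptions.RemoveEmptyEntries)
        Dim roles As String() = Array.ConvertAll(Of String, String)(
            parts, Function(r) r.Trim())

        ' Replace the role-less principal with one that knows the roles,
        ' so IsInRole and <allow roles="..."> see them.
        HttpContext.Current.User = New GenericPrincipal(identity, roles)
    End Sub
End Class
```

Roles carried in the ticket stay in effect until the ticket expires (2880 minutes in this configuration), so a role removed in the database is not enforced until then. In the full web.config, `<deny users="?" />` rejects only anonymous users, so an authenticated user without the listed role falls through to the inherited rules; `<deny users="*" />`, as in the shorter excerpt, is what limits a directory to the listed roles.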