<authentication mode="Forms">
<forms name="MyApp02" path="/" loginUrl="/css/index.apsx"
protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="billjones" password="test" />
<user name="marthasmith" password="test" />
<user name="joesoap" password="test" />
</credentials>
</forms>
</authentication>
<forms name="MyApp02" path="/" loginUrl="/css/index.apsx"
protection="All" timeout="30">
<credentials passwordFormat="Clear">
<user name="billjones" password="test" />
<user name="marthasmith" password="test" />
<user name="joesoap" password="test" />
</credentials>
</forms>
</authentication>
解决方案 »
- 各位对女人了解的大哥,帮帮忙,关于小弟的一生幸福!
- 环境:VS2005,部署完成用IE浏览是出现如下错误;怎么办呢,我修改了IIS里的所有属性和权限都是这样的,
- datatable中的数据如何按类型导出到excel的不同工作表中去呢?
- 下面的一个方法, 我传进一个 string.Empty
- .net开发的程序,在关闭当前操作页面的时候提示保存怎么做?谢谢!
- 关于数据分页的问题[新手]
- 有谁知道是否有免费的 可以接收pop3邮件的Jmail组件,
- GridView 中有关BUTTON和BoundField的问题
- 急、急、急)数据类型转换问题(给分)
- C#与Asp.net的概念问题
- DataGrid分页的问题?
- 关于dataset的一个问题,请各位大侠一定要帮忙。
可以把相同访问权的页面都放到同一个目录中,然后对这个目录在web.config进行权限设置。对web.config如下设置
<configuration>
<authentication mode="Forms">
<forms name="YourApp" path="/" loginUrl="login.aspx" protection="All" timeout="30">
</forms>
</authentication>
<location path="YourFolder">
<system.web>
<authorization>
<allow roles="YourRoles" />
<deny users="*" />
</authorization>
</system.web>
</location>
</configuration>在Global.asax.vb里面,
If Not (HttpContext.Current.User Is Nothing) Then
If (HttpContext.Current.User.Identity.IsAuthenticated = True) Then
If (HttpContext.Current.User.Identity.AuthenticationType = "Forms") Then
Dim id As FormsIdentity = CType(HttpContext.Current.User.Identity, FormsIdentity)
Dim ticket As FormsAuthenticationTicket = id.Ticket
' Get the stored user-data, in this case, our roles
Dim userData As String = ticket.UserData
Dim roles() As String = userData.Split(",")
HttpContext.Current.User = New GenericPrincipal(id, roles)
End If
End If
End If在login.aspx.vb中
Dim encryptPwd As String
encryptPwd = Functions.EncryptPassword(txtpwd.Text, "MD5")
Dim reader As SqlClient.SqlDataReader
FormsAuthentication.Initialize()
reader = Functions.GetReaderObject("SELECT name,roles FROM userinfo WHERE Username='" & txtloginid.Text & "' AND Password='" & encryptPwd & "'")
If reader.Read Then
FormsAuthentication.RedirectFromLoginPage(txtloginid.Text, False)
Session("xm") = reader.Item(0)
Dim sqldr As SqlDataReader
sqldr = Functions.GetReaderObject("select distinct YYDX_CZ_BS from SysDefV_XT_QX_YH where YH_BS='" & txtloginid.Text & "'")
Dim inttmp As Integer
Dim objStrB As System.Text.StringBuilder = New System.Text.StringBuilder()
While sqldr.Read
objStrB.Append(sqldr(0).ToString + ",")
End While
If sqldr.IsClosed = False Then
sqldr.Close()
End If
If objStrB.Length > 0 Then
objStrB.Remove(objStrB.Length - 1, 1)
End If
Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, txtloginid.Text, DateTime.Now, DateTime.Now.AddMinutes(30), True, objStrB.ToString, FormsAuthentication.FormsCookiePath)
Dim hash As String = FormsAuthentication.Encrypt(ticket)
Dim cookie As HttpCookie = New HttpCookie(FormsAuthentication.FormsCookieName, hash)
Response.Cookies.Add(cookie)
Else
lblMsg.Text = "用户验证失败!"
lblMsg.Visible = True
End If
If reader.IsClosed = False Then
reader.Close()
End If
是对于目录的权限设置!