基于窗体的身份验证.如何设置某个文件可以匿名访问

使用基于窗体身份验证做登录验证.

在登录的时候,我需要用到图片验证码,可是利用基于窗体身份验证后,这个验证图片就不显示了.个人认为是这个图片验证文件也自动做验证,需要把这个生成验证图片的aspx文件设置成任何人都可访问,就是说这个文件不自动做验证.在web.config里应该怎么设置呢?

解决方案 »

免费领取超大流量手机卡，每月29元包185G流量+100分钟通话, 中国电信官方发货

你在web.config里的<configuration>里设置
<location path="验证码图片.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
就可以了
To palatin() 兄我也看了一部分资料,了解是应该用location来定义.可是不管是如你所说,放在system.web外面,还是里面,都不行.
如你所说放在外面,页面倒是能显示出来,可验证图片还是照样不显示.
而象我以前放在system.web里面,结果连LOGIN.ASPX页也不能正常显示了.以下是如你说所的放在system.web外面
  <location path="ImageValidate.aspx">
    <system.web>
    <authentication mode="Forms">
      <forms name="AuthCookie" loginUrl="login.aspx" protection="All" path="/" timeout="30" />
    </authentication>
    <authorization>
     <deny users ="?" />
     <allow users = "*" />
    </authorization>
  </system.web>
  </location>
肯定是要放在<system.web>外面。图片不显示大多数的时候路径问题，好好查查吧
我的目录就是放在根目录下.而且纠正一下YCL,我的不是图片文件,是生成图片的aspx文件.而且就算是我放在子目录下,不管是不是把这个目录做为虚拟目录,还是不能自动生成图片
最终结果.我的web.config文件内容如下<?xml version="1.0" encoding="utf-8" ?>
<configuration>  <location path="Validate/ImageValidate.aspx">
    <system.web>
      <authentication>
        <deny users="?" />
        <allow users="*" />
      </authentication>
    </system.web>
  </location>

  <system.web>
    <compilation defaultLanguage="c#" debug="true" />
    <customErrors mode="RemoteOnly" />
      <authentication mode="Forms">
        <forms name=".ASPXUSERDEMO" loginUrl="login.aspx" protection="All" timeout="60" />
      </authentication>
      <authorization>
        <deny users="?" />
      </authorization>
    <trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" calOnly="true" />
    <sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes" cookieless="false" timeout="20" />
    <globalization requestEncoding="utf-8" responseEncoding="utf-8" />
  </system.web>
</configuration>我的login.aspx文件如下:<%@ Page language="c#" Codebehind="login.aspx.cs" AutoEventWireup="false" Inherits="netshop_manager.login" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
<HEAD>
<title>login</title>
<meta content="Microsoft Visual Studio .NET 7.1" name="GENERATOR">
<meta content="C#" name="CODE_LANGUAGE">
<meta content="JavaScript" name="vs_defaultClientScript">
<meta content="http://schemas.microsoft.com/intellisense/ie5" name="vs_targetSchema">
<LINK href="style/default.css" type="text/css" rel="stylesheet">
</HEAD>
<body bgColor="#dddddd" MS_POSITIONING="GridLayout">
<form id="Form1" method="post" runat="server">
<TABLE id="Table4" height="100%" cellSpacing="0" cellPadding="0" width="100%" align="center"
border="0">
<TR>
<TD>
<TABLE id="Table1" cellSpacing="0" cellPadding="0" width="320" align="center" background="images/login_title_bg.gif"
border="0">
<TR>
<TD class="maintitle" style="WIDTH: 120px; COLOR: white" align="right" background="images/login_title.gif"
height="28">网上购物商城  </TD>
<TD align="right" height="28">
<asp:Label id="Lab_Power" runat="server"></asp:Label></TD>
</TR>
</TABLE>
<TABLE id="Table2" height="160" cellSpacing="0" cellPadding="0" width="320" align="center"
bgColor="white" border="0">
<TR>
<TD vAlign="middle" align="center" width="35%"><IMG src="images/key.gif"></TD>
<TD vAlign="middle" align="center" width="65%">
<TABLE id="Table3" cellSpacing="0" cellPadding="0" width="100%" border="0">
<TR>
<TD class="maintitle" align="center" colSpan="2" height="30">管理员登录</TD>
</TR>
<TR>
<TD class="std" style="WIDTH: 56px" vAlign="top" align="right" height="30"><FONT face="宋体">管理员:</FONT></TD>
<TD height="30"><asp:textbox id="TxtB_UserName" runat="server" Width="102px"></asp:textbox><asp:requiredfieldvalidator id="ReFV_UserName" runat="server" Display="Dynamic" Height="18px" ControlToValidate="TxtB_UserName"
ErrorMessage="用户名不可为空"></asp:requiredfieldvalidator></TD>
</TR>
<TR>
<TD class="std" style="WIDTH: 56px" vAlign="top" align="right" height="30"><FONT face="宋体">密码:</FONT></TD>
<TD height="30"><FONT face="宋体"></FONT><asp:textbox id="TxtB_UserPass" runat="server" Width="102px" TextMode="Password"></asp:textbox><asp:requiredfieldvalidator id="ReFV_UserPass" runat="server" Display="Dynamic" Height="18px" ControlToValidate="TxtB_UserPass"
ErrorMessage="用户密码不可为空"></asp:requiredfieldvalidator></TD>
</TR>
<TR>
<TD class="std" style="WIDTH: 56px" vAlign="top" align="right" height="30"><FONT face="宋体">验证码:</FONT></TD>
<TD height="30"><asp:textbox id="TxtB_PassCode" runat="server" Width="50px"></asp:textbox><asp:image id="Img_Validate" runat="server" AlternateText="验证码" ImageAlign="AbsMiddle"></asp:image><asp:requiredfieldvalidator id="ReFV_PassCode" runat="server" Display="Dynamic" Height="18px" ControlToValidate="TxtB_PassCode"
ErrorMessage="验证码不可为空"></asp:requiredfieldvalidator></TD>
</TR>
<TR>
<TD align="left" colSpan="2">
<HR width="96%" SIZE="1">
</TD>
</TR>
<TR>
<TD align="right" colSpan="2" height="40"><asp:button id="Btn_Login" runat="server" Text="登录系统"></asp:button>    </TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
<br>
<br>
<br>
<br>
</TD>
</TR>
</TABLE>
</form>
</body>
</HTML>
我的login.aspx.cs文件如下:using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;namespace netshop_manager
{
/// <summary>
/// login 的摘要说明。
/// </summary>
public class login : baseform
{
protected System.Web.UI.WebControls.TextBox TxtB_UserName;
protected System.Web.UI.WebControls.TextBox TxtB_UserPass;
protected System.Web.UI.WebControls.Button Btn_Login;
protected System.Web.UI.WebControls.Button Btn_Return;
protected System.Web.UI.WebControls.RequiredFieldValidator ReFV_UserPass;
protected System.Web.UI.WebControls.RequiredFieldValidator ReFV_PassCode;
protected System.Web.UI.WebControls.Image Img_Validate;
protected System.Web.UI.WebControls.RequiredFieldValidator ReFV_UserName;
protected System.Web.UI.WebControls.Label Lab_Power;
protected System.Web.UI.WebControls.TextBox TxtB_PassCode;

private void Page_Load(object sender, System.EventArgs e)
{
if(!this.IsPostBack)
{
this.SetWinTitle("管理员登录","top");
this.Lab_Power.Text = "Powered By <b>AntBrother</b>  ";
}
this.Img_Validate.ImageUrl = "Validate/ImageValidate.aspx";
} #region Web 窗体设计器生成的代码
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: 该调用是 ASP.NET Web 窗体设计器所必需的。
//
InitializeComponent();
base.OnInit(e);
}

/// <summary>
/// 设计器支持所需的方法 - 不要使用代码编辑器修改
/// 此方法的内容。
/// </summary>
private void InitializeComponent()
{
this.Btn_Login.Click += new System.EventHandler(this.Btn_Login_Click);
this.Load += new System.EventHandler(this.Page_Load); }
#endregion private void Btn_Login_Click(object sender, System.EventArgs e)
{
if(this.Page.IsValid)
{
if (Session["CheckCode"]!=null)
{
if(this.TxtB_PassCode.Text.ToUpper()!=Session["CheckCode"].ToString())
{
this.ShowMessage("    验证码不符！",101);
}
else
{
Session.Add("LoginOK",true);
this.Response.Redirect("default.aspx");
}
}
else
{
this.ShowMessage("    验证码已过期！",101);
}
}
}
}
}
生成验证码图片的ImageValidate.aspx不管是放在Validate目录下.还是放在根目录下.按上面的设置都不能将验证图片输出显示.
生成验证码图片的ImageValidate.aspx放在Validate目录下,然后在Validate目录下再放一个web.config文件,里面设置
    <authorization>
        <allow users="*" />
    </authorization>
To stoneyu(小赖-害怕升星星)多谢谢老兄,那几天来来回回弄这个,脑袋都大了.结果自己都糊涂了.你说的方法我试过.当时没调试成功,过了2天,今天再接你老兄说的一改,一次就搞定了.结贴...