<authentication mode="Forms">
<forms name="MyCookie" loginUrl="admin/login.aspx" defaultUrl="admin/index.aspx" timeout="30" protection="All" path="/" requireSSL="false" slidingExpiration="false" />
</authentication>一个网站的后台登陆,Froms身份验证成功后跳转到操作页面,可一点左边的菜单,比如说"添加新闻" 他就会在Main窗口要求再次登陆,不知道为什么.
在本机没有问题,一传到网上就有问题了!
FormsAuthentication.RedirectFromLoginPage(this.txtusername.Text, false);这是我验证成功的跳转代码,期待高手帮我解决下!还需要帖哪些代码大家说!分不够再加!
跳转
if (Request.QueryString["ReturnUrl"] != null)
{
FormsAuthentication.RedirectFromLoginPage(username, false);
} else
{
FormsAuthentication.SetAuthCookie(username, false);
Response.Redirect("admin/main.aspx",false);
}
<?xml version="1.0"?><configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<configSections>
<section name="CustomConfiguration" type="URLRewriter.Config.UrlsSection, URLRewriter" />
</configSections> <connectionStrings>
<add name="blueConnectionString1" connectionString="Data Source=BLUEVISION02\SQLEXPRESS;Initial Catalog=blue;Persist Security Info=True;User ID=sa;MultipleActiveResultSets=False;Packet Size=4096;Application Name="Microsoft SQL Server Management Studio Express""
providerName="System.Data.SqlClient" />
</connectionStrings>
<CustomConfiguration>
<urls>
<add virtualUrl="~/show_([a-zA-Z]+).html$" destinationUrl="~/show.aspx?one=$1&title=$2"/>
</urls>
</CustomConfiguration> <appSettings>
<add key="sql_string" value="server=.\SQLEXPRESS;uid=sa;pwd=sa1234;database=blue"/>
<add key="DictionaryFolder" value="bin"/>
</appSettings> <location path="admin">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location> <location path="admin/upload">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location> <location path="admin/images">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location> <location path="admin/css.css">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location> <location path="admin/example.css">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location> <location path="admin/right.css">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location> <location path="admin/style.css">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location> <system.web> <roleManager enabled="true" />
<httpModules>
<add type="URLRewriter.RewriterModule, URLRewriter" name="RewriterModule"/>
</httpModules> <httpRuntime maxRequestLength="102400" /> <httpHandlers>
<add path="Reserved.ReportViewerWebControl.axd" verb="*" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
validate="false" />
</httpHandlers>
<compilation debug="true">
<assemblies>
<add assembly="System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<add assembly="System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<add assembly="System.Xml, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<add assembly="System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</assemblies>
<buildProviders>
<add extension=".rdlc" type="Microsoft.Reporting.RdlBuildProvider, Microsoft.ReportViewer.Common, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</buildProviders>
</compilation> <sessionState cookieless="AutoDetect" timeout="30" mode="InProc" />
<!--解决当浏览器端禁用Cookie时-->
<authentication mode="Forms">
<forms name="MyCookie" loginUrl="admin/login.aspx" defaultUrl="admin/index.aspx" timeout="30" protection="All" path="/" requireSSL="false" slidingExpiration="false" />
</authentication>
</system.web>
</configuration>
<system.web>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
</location>
admin里面所有文件是要全部登录后才能操作,是不?我的web.config配置如下:
<?xml version="1.0"?><!--
注意: 除了手动编辑此文件以外,您还可以使用
Web 管理工具来配置应用程序的设置。可以使用 Visual Studio 中的
“网站”->“Asp.Net 配置”选项。
设置和注释的完整列表在
machine.config.comments 中,该文件通常位于
\Windows\Microsoft.Net\Framework\v2.x\Config 中
--><configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<connectionStrings/>
<system.web>
<!--
设置 compilation debug="true" 将调试符号插入
已编译的页面中。但由于这会
影响性能,因此只在开发过程中将此值
设置为 true。
--> <!--
通过 <authentication> 节可以配置 ASP.NET 使用的
安全身份验证模式,
以标识传入的用户。
-->
<authorization>
<allow users="*" />
</authorization>
<authentication mode="Forms"><forms loginUrl="~/Logon.aspx" protection="All" timeout="30" name=".ASPXAUTH" path="/" requireSSL="false" slidingExpiration="true" cookieless="UseDeviceProfile" enableCrossAppRedirects="false" />
</authentication>
</system.web>
<location path="admin">
<system.web>
<authorization>
<allow roles="admin"></allow>
<deny users="?"/>
<allow users="*"/>
</authorization>
</system.web>
</location>
</configuration>c#代码
if (Request.QueryString["ReturnUrl"] != null)
{
FormsAuthentication.RedirectFromLoginPage(username, false);
} else
{
FormsAuthentication.SetAuthCookie(username, false);
Response.Redirect("admin/main.aspx",false);
}
<add key="webname" value="人才网" />
<add key="weburl" value="www.yidi.net" />
</appSettings>
不过我的登陆那有权限的限制的
我的是
DB.User_Roles(this.username.Text, "admin");--------------------------------
public static string User_Roles(string username, string roles)
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(15.0), false, roles);
string str = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, str);
HttpContext.Current.Response.Cookies.Add(cookie);
return FormsAuthentication.GetRedirectUrl(FormsAuthentication.FormsCookieName,false);
}