如何授权注册用户访问网站 [英] How to give permission to registered users to access web site

问题描述

HI，

我有应用程序。应用程序的结构就像login.aspx，当注册用户登录时，重定向到default.aspx.when用户在default.aspx页面，如果我复制网址和在其他浏览器或tab.its中直接打开default.aspx页面。我想这样做当用户通过URL时，它应该重定向到login.aspx页面。怎么做



我尝试过：



我试过在web.config文件中给予授权

I have application.The structure of application is like login.aspx when registred user logon its redirect to default.aspx.when user is in default.aspx page if i copy url and past it in other browser or tab.its directly open the default.aspx page.I wanted to do When user past the URL its should redirect to login.aspx page.How to do it

What I have tried:

I have tried by giving authorization in web.config file

推荐答案

您好，请参阅以下文章，

ASP.NET身份验证和授权 [ ^ ]

Hi, refer the following article,
ASP.NET authentication and authorization[^]

如果您正在构建需要较少安全性的简单应用程序，这是一种更简单的方法。



它给你一个非常基本的想法。



您可以在会话状态中构建一个用于存储用户登录凭据的类，如下所示：

If you are building simple application which require less security, here is a simpler way to do it.

It gives you a very basic idea.

You can build a class for storing user login credentials in session sate something like this:

public class LoginUser
{
    public static bool IsLogin
    {
        get
        {
            if (HttpContext.Current == null ||
                HttpContext.Current.Session == null ||
                HttpContext.Current.Session["IsLogin"] == null)
                return false;

            return (bool)HttpContext.Current.Session["IsLogin"];
        }
        set
        {
            HttpContext.Current.Session["IsLogin"] = value;
        }
    }

    public static string Username
    {
        get
        {
            return HttpContext.Current.Session["Username"] + "";
        }
        set
        {
            HttpContext.Current.Session["Username"] = value;
        }
    }
}

a登录页面后面的代码示例：

a simple example of code behind of login page:

protected void Page_Load(object sender, EventArgs e)
{
    if (LoginUser.IsLogin)
        Response.Redirect("~/Default.aspx", true);
}

protected void btLogin_Click(object sender, EventArgs e)
{
    LoginUser.IsLogin = true;
    LoginUser.Username = txtUsername.Text;
    Response.Redirect("~/Default.aspx", true);
}

和Default.aspx页面背后的代码：

And the code behind of Default.aspx page:

protected override void OnInit(EventArgs e)
{
    if (!LoginUser.IsLogin)
    {
        Response.Redirect("~/Login.aspx", true);
        return;
    }
    base.OnInit(e);
}

protected void Page_Load(object sender, EventArgs e)
{
    Response.Write("User logged In: " + LoginUser.Username);
}

您可以在注销期间清除会话状态值：

And you can clear the session state values during Logout:

public partial class Logout : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        Session.RemoveAll();
        Session.Clear();
        Session.Abandon();
        Response.Clear();
        Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddSeconds(-30);
        Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));
    }
}

string strPreviousPage = "";
 if (Request.UrlReferrer != null)
   {
    strPreviousPage = Request.UrlReferrer.Segments[Request.UrlReferrer.Segments.Length - 1];          
    }        
if(strPreviousPage =="")
    {
      Response.Redirect("~/Login.aspx");
     }

这个适用于我。 Asheej Kommery&＃39; s .NET博客 - 如何限制用户在ASP.NET中的浏览器地址栏中复制和粘贴URL [ ^ ] [ ^ ]

这篇关于如何授权注册用户访问网站的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！