使用表单身份验证时，重定向到登录页面失败 [英] redirect to login page is failed while using forms authentication

问题描述

  i  .e;  am  能    access   page  直接  by  指定  url  
 
   提到      web 。 config  和 < span class =code-leadattribute> loginpage   code   files  我的 要求   仅    users  谁 成功 登录    access   all     reports          默认。< span class =code-leadattribute> aspx   else  他们     重定向 到  logonsql 。 aspx  
 
 但  by  指定  网站/ reportname。 aspx   in   in   url   am  能够    access    报告  am  只是  a  初学者，  指南  me 。 谢谢 ！ 
 
  Logonsql。 aspx  .cs  

 protected void Logon_Click（object sender，EventArgs e）
 {
 string connection =Data Source = localhost; Initial Catalog = REPORTS; Persist Security Info = True;; 
 SqlConnection con = new SqlConnection（connection）; 
 SqlCommand com = new SqlCommand（CheckUser，con）; 
 com.CommandType = CommandType.StoredProcedure; 
 SqlParameter p1 = new SqlParameter（username，TextBoxusername.Text）; 
 SqlParameter p2 = new SqlParameter（password，TextBoxpassword.Text）; 
 com.Parameters.Add（p1）; 
 com.Parameters.Add（p2）; 
 con.Open（）; 
 SqlDataReader rd = com.ExecuteReader（）; 
 Session [username] = TextBoxusername.Text; 
 
 if（rd.HasRows）
 {
 rd.Read（）; 
 //Server.Transfer(\"Default.aspx）; 
 FormsAuthentication.RedirectFromLoginPage（TextBoxusername.Text，false）; 
 
} 
 
 else 
 {
 Msg.Text =凭据无效。请再试一次。; 
 
 
} 
} 
  web.config： 
 
< system.web> 
< httpRuntime targetFramework =4.0maxRequestLength =1048576executionTimeout =3600/> 
< identity impersonate =false/> 
< authentication mode =Forms> 
< forms loginUrl =LogonSql.aspxname =。ASPXFORMSAUTH/> 
< / authentication> 
< authorization> 
< deny users =？/> 
< / authorization> 
< roleManager enabled =true/> 
< membership> 
< providers /> 
< / membership> 
< httpModules> 
< remove name =WindowsAuthentication/> 
< remove name =PassportAuthentication/> 
< remove name =AnonymousIdentification/> 
< remove name =UrlAuthorization/> 
< remove name =FileAuthorization/> 
< / httpModules> 
< caching> 
< outputCache enableOutputCache =falseenableFragmentCache =falseomitVaryStar =true/> 
< / caching> 
< /system.web> 
< system.webServer> 
< validation validateIntegratedModeConfiguration =false/> 
< security> 
< requestFiltering> 
< requestLimits maxAllowedContentLength =1073741824/> 
< / requestFiltering> 
< / security> 
< /system.webServer> 

解决方案

您必须添加授权标记到您的配置文件并使用它来获得您想要的内容。这个链接可以帮助你：



http://www.aspdotnet-suresh.com/2014/03/how-to-restrict-access-to-particular.html [ ^ ]

i.e; am able to access page directly by specifying url

Below mentioned are the web.config and loginpage code files My requirement is only the users who successfully logins should access all the reports which are there in default.aspx else they should be redirected to logonsql.aspx

but by specifying the website/reportname.aspx in in url am able to access the report am just a beginner, please guide me. Thanks !

Logonsql.aspx.cs

protected void Logon_Click(object sender, EventArgs e)
{
    string connection = "Data Source=localhost;Initial Catalog=REPORTS;Persist Security Info=True;";
    SqlConnection con = new SqlConnection(connection);
    SqlCommand com = new SqlCommand("CheckUser", con);
    com.CommandType = CommandType.StoredProcedure;
    SqlParameter p1 = new SqlParameter("username", TextBoxusername.Text);
    SqlParameter p2 = new SqlParameter("password", TextBoxpassword.Text);
    com.Parameters.Add(p1);
    com.Parameters.Add(p2);
    con.Open();
    SqlDataReader rd = com.ExecuteReader();
    Session["username"] = TextBoxusername.Text;

    if (rd.HasRows)
    {
        rd.Read();
        //Server.Transfer("Default.aspx");
        FormsAuthentication.RedirectFromLoginPage(TextBoxusername.Text, false);

    }

    else
    {
        Msg.Text = "Invalid credentials. Please try again.";


    }
}
web.config :

 <system.web>
    <httpRuntime targetFramework="4.0" maxRequestLength="1048576" executionTimeout="3600"/>
    <identity impersonate="false"/>
    <authentication mode="Forms">
      <forms loginUrl="LogonSql.aspx" name=".ASPXFORMSAUTH"/>
    </authentication>
    <authorization>
      <deny users="?"/>
    </authorization>
    <roleManager enabled="true"/>
    <membership>
      <providers/>
    </membership>
    <httpModules>
      <remove name="WindowsAuthentication"/>
      <remove name="PassportAuthentication"/>
      <remove name="AnonymousIdentification"/>
      <remove name="UrlAuthorization"/>
      <remove name="FileAuthorization"/>
    </httpModules>
    <caching>
      <outputCache enableOutputCache="false" enableFragmentCache="false" omitVaryStar="true"/>
    </caching>
  </system.web>
  <system.webServer>
    <validation validateIntegratedModeConfiguration="false"/>
    <security>
      <requestFiltering>
        <requestLimits maxAllowedContentLength="1073741824"/>
      </requestFiltering>
    </security>
  </system.webServer>

解决方案

You will have to add authorization tag to your config file and play with it to get what you want. This link should help you with that:

http://www.aspdotnet-suresh.com/2014/03/how-to-restrict-access-to-particular.html[^]

这篇关于使用表单身份验证时，重定向到登录页面失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！