表单身份验证问题 [英] Forms Authentication Issue
问题描述
大家好,
我正在开发Web应用程序,其中我有一个登录页面,另一个用户将在成功登录时重定向到该页面。我想阻止直接访问另一个未经身份验证的用户页面。众所周知,要做到这一点,FORMS AUTHENTICATION是最好的方法。我对web.config进行了以下更改:
< 身份验证 mode = 表格 >
< 表格 < span class =code-attribute> loginUrl = Login.aspx / >
< / authentication >
< 授权 >
< deny 用户 = ? / >
< / authorization >
现在,我的问题是,如何确定天气,用户是否经过身份验证?当用户输入用户名和用户时,我已经这样做了密码,成功登录后,将使用用户名pa重定向到主页面ssed as query string:
Response.Redirect(Default.aspx?uname =+ uname +);
i已经通过google上的somany教程,但无法弄清楚如何确定用户身份。请建议我克服这个问题的方法。
问候
使用会话或cookie来存储userId特定用户实例。通过存储用户ID,您可以在应用程序的任何页面上获得用户ID。
在login.aspx.cs
请执行以下操作/>
会话[userId] = YourAuthenticatedUserId;
在每个页面或母版页.cs文件中。请执行以下操作
如果(会话[userId] == null)
{
Response.Redirect (Login.aspx);
}
else
{
//您的身份验证用户代码
}
您可以使用以下指南
< authorization>
< deny users =?>
但您可以参考以下网址了解更多详情
http://www.codeproject.com/Articles/ 13872 /表单的认证和授权,在-ASP-NET
Hello everyone,
I am working on the web application in which i have one login page and the other page to which user will be redirected on successful login.I want to prevent direct access to that another page for unauthenticated users.As we all know,to accomplish this,FORMS AUTHENTICATION is the best way.I have made following changes to web.config:
<authentication mode="Forms">
<forms loginUrl="Login.aspx"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
Now,My question is,how to determine weather,user is authenticated or not?I have done that when user types in the username and the password,on successful login,it will be redirected to the main page with username passed as query string:
Response.Redirect("Default.aspx?uname=" + uname + "");
i have gone through somany tutorials on google,but not able to figure out how to determine users identity.Please suggest me the ways to overcome this issue.
Regards
Use session or cookies to store userId for that specific user instance. Through storing user id you can get user id on any page of your application.
In login.aspx.cs
Do following
Session["userId"] = YourAuthenticatedUserId;
On every page or in master page .cs file. Do the following
If(Session["userId]== null)
{
Response.Redirect("Login.aspx");
}
else
{
// Your code for authenticated user
}
You can use the following guide lines
<authorization>
<deny users="?">
however you can refer following URL for more details
http://www.codeproject.com/Articles/13872/Form-authentication-and-authorization-in-ASP-NET
这篇关于表单身份验证问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
