如何在asp.net中创建安全登录 [英] how to create secure login in asp.net
问题描述
-它应该是网站的首页,没有登录或至少要求登录就不能访问其他页面.
-如果您有任何示例,请提供代码建议,我真的很需要.
-它必须与sql server一起使用
- it should be first page of the site and no other page can access without login or at least ask for login.
- suggest with code if you have any samples, I really need it.
- it must work with sql server
推荐答案
<authentication mode="Forms">
<forms defaultUrl="Secured/Default.aspx" loginUrl="Login.aspx">
</forms>
</authentication>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
在
后面的代码中
in the code behind
protected void btn_Submit_Click(object sender, EventArgs e)
{
if (TextBox1.Text == "UserName")
{
if (TextBox2.Text == "Password")
{
// Response.Redirect("~/Secured/Secured2.aspx");
FormsAuthentication.RedirectFromLoginPage(TextBox1.Text, false);
}
else
{
Label1.Text = "Enter Correct Password";
}
}
else
{
Label1.Text = "Enter Correct User Name";
}
}
Use Forms Authentication for that
try this link
Link [^]
我认为您需要阅读一些有关身份验证及其在IIS环境中如何工作的知识.您所要求的内容不应仅在代码和SQL Server中处理.您应该合并内置的IIS身份验证过程以实现您的目标.
查看一些
I think you need to read up a bit on authentication and how it works in an IIS environment. What you are asking for should not be handled only in code and SQL Server. You should incorporate built in IIS authentication processes to achieve your goal.
Check out some of these links.
使用表单身份验证.
在web.config
上使用类似的东西
Use Forms Authentication.
Use some thing like this at web.config
<location path="secure">
<system.web>
<authorization>
<deny users="?"/>
<deny users="jhon"/>
</authorization>
</system.web>
</location>
secure是一个包含安全Web表单的文件夹.
secure is a folder which contains your secure webforms.
<authentication mode="Forms">
<forms loginUrl="Default.aspx"
protection="All"
timeout="30"
name=".ASPXAUTH"
path="/"
requireSSL="false"
slidingExpiration="true"
defaultUrl="default.aspx"
cookieless="UseDeviceProfile"
enableCrossAppRedirects="false" >
<credentials passwordFormat="Clear">
<user name="kim" password="kim@123"/>
<user name="jhon" password="jhonn"/>
</credentials>
</forms>
</authentication>
现在在服务器端代码
Default.aspx是您的登录表单,拖动两个文本框和一个按钮
在按钮单击事件时,编写以下代码. Default2.aspx是目标页面.安全是一个文件夹,其中可以包含要确保安全的Web表单
Now at server side code
Default.aspx is your login form, Drag Two TextBoxes and a Button
at click event of button write following code. Default2.aspx is destination page. Secure is a folder which can have webforms which you wants to make secure
if (FormsAuthentication.Authenticate(TextBox1.Text, TextBox2.Text))
{
FormsAuthentication.SetAuthCookie(
this.TextBox1.Text.Trim(), false);
FormsAuthenticationTicket ticket1 =
new FormsAuthenticationTicket(
1, // version
this.TextBox1.Text.Trim(), // get username from the form
DateTime.Now, // issue time is now
DateTime.Now.AddMinutes(10), // expires in 10 minutes
false, // cookie is not persistent
"HR" // role assignment is stored
// in userData
);
HttpCookie cookie1 = new HttpCookie(
FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(ticket1));
Response.Cookies.Add(cookie1);
// 4. Do the redirect.
String returnUrl1;
// the login is successful
if (Request.QueryString["ReturnUrl"] == null)
{
returnUrl1 = "Default2.aspx";
}
//login not unsuccessful
else
{
returnUrl1 = Request.QueryString["ReturnUrl"];
}
Response.Redirect(returnUrl1);
}
这是保护网络表单的最佳选择之一
This is one of the best option to secure a webform
这篇关于如何在asp.net中创建安全登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
