如何保护成员身份页面不受asp.net中注销用户的影响 [英] how to protect page in membership from logged out user in asp.net
问题描述
嗨
我是asp.net开发人员,但会员身份对我来说是新的,我对此拥有60%的知识.
现在的问题是我想保护没有登录状态的页面表单用户.我使用
1)login.aspx
2)logout.aspx
3)inbox.aspx
现在没有登录的用户不应该访问inbox.aspx页面,例如如果用户在地址栏中输入页面url或点击该页面,那么如果用户未登录,则应将其重定向到登录页面.
>
Hi
i am asp.net developer but membership is new for me i hv 60% knowledge of tht.
now the problem is i wanted to protect the page form user without login
ex. i hav made website with
1) login.aspx
2) logout.aspx
3) inbox.aspx
now without login user should not access inbox.aspx page like if user input page url in address bar or hit the page then he should be redirect to login page if user is not logged in.
bool authenticated = User.Identity.IsAuthenticated;;
string auth = authenticated.ToString();
if (authenticated == true)
{
MembershipUser myObject = Membership.GetUser();
//above syntax will return logged in current user
}
else
{
//redirct to login page
}
但是它对我来说并不安全,我想在大型网站中使用此概念.请问有没有人建议.
请使用asp.net用c尖笔答复
but its not looking safe to me, i wanted to use this concept in big website. plz if any body can suggest.
Please reply in c sharp with asp.net
推荐答案
这些链接可能对您有帮助
表单身份验证 [此处 [ ^ ]
These links might help you
Forms Authentication[^] and here[^]
尝试使用...
关闭页面缓存
Hi,
Try to close the page cache using ...
public static void DisablePage()
{
//Used for disabling page caching
HttpContext.Current.Response.Cache.SetExpires(DateTime.UtcNow.AddDays(-1));
HttpContext.Current.Response.Cache.SetValidUntilExpires(false);
HttpContext.Current.Response.Cache.SetRevalidation(HttpCacheRevalidation.AllCaches);
HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache);
HttpContext.Current.Response.Cache.SetNoStore();
}
在Page_load事件和
中调用此方法
call this method in Page_load event and
DisablePage();
if (Session["isLogged"] == null)
{
Response.Redirect("~/Default.aspx");
}
如果您使用的是母版页,则可以解决您的问题.
问候.
If you are using Master-Page you can solve your problem.
Regards.
这篇关于如何保护成员身份页面不受asp.net中注销用户的影响的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!