使用路由没有MVC:验证表单 [英] Using Routing without MVC: authentication form
问题描述
现在我想用System.Web.Routing工作。一切都很好,但我不明白如何使URL路由(返回URL,重定向等)形式的认证工作。谷歌说,什么都没有。帮帮我! :)
Now I'm trying to work with System.Web.Routing. All is just fine, but I can't understand how to make form authentication work with url routing (return url, redirection, etc). Google says nothing. Help! :)
UPD:我忘了 - 我不使用MVC 。那就是问题所在。如何使用rounig和形式验证,而不MVC
UPD: I forgot - I don't use MVC. That's the problem. How to use rounig and form authentication without MVC
UPD2:更多关于我的问题
我要得到什么:网址这样的 mysite.com/content/123 , mysite.com/login / 等使用途径。使登录页面就像常规ASP.NET登录表单,这一点很重要(重定向从安全区域登录时,不登录,并重定向回安全区域loggined时)。
这是我在做什么。
在的Global.asax 在的Application_Start ,这样注册路线:
UPD2: more about my problem
What I want to get: urls such "mysite.com/content/123", "mysite.com/login/", etc using Routes. It’s important to make login page works like "regular" ASP.NET login form (redirects to login from secure area when not login on, and redirect back to secure area when loggined).
That’s what I’m doing.
In global.asax on Application_Start, register routes like this:
routes.Add("LoginPageRoute", new Route("login/", new CustomRouteHandler("~/login.aspx")));
routes.Add("ContentRoute", new Route("content/{id}", new ContentRoute("~/content.aspx"))
{
Constraints = new RouteValueDictionary {{ "id", @"\d+" }}
});
其中, CustomRouteHandler 和 ContentRoute - 简单的 IRouteHandler 班, 就像:
...
Where CustomRouteHandler and ContentRoute – simple IRouteHandler classes, just like:
...
public IHttpHandler GetHttpHandler(RequestContext requestContext)
{
var page = BuildManager.CreateInstanceFromVirtualPath(VirtualPath, typeof(Page)) as IHttpHandler;
return page;
}
...
一切似乎是完美的:我收到 content.aspx 时转到/内容/ 10和的login.aspx 时转到/登录/。但是...
当我做担保的内容(在的web.config 与否认=?),登录表单不工作像预期的。
现在我不能达到/内容/ 10页:
0 我打字/内容/ 10在我的浏览器。
1 网站重定向到/登录/?RETURNURL =%2fcontent%2F10。 (嗯...好像所有的问题从这里开始,对不对?:)
2 我试图登录。无论我输入的内容凭据我...
3 ...网站重定向我登录RETURNURL =%2fContent%2F10?(错误黄屏 - 访问被拒绝说明:在访问服务于这个请求的服务器所需的资源可能未配置为访问所请求的URL时出现错误。)
那么,问题是如何得到ASP.NET了解真正的 RETURNURL 并登录后提供重定向。
All seems to be perfect: I’m getting content.aspx when go to "/content/10" and login.aspx when go to "/login/". But…
When I make content secured (in web.config, with deny="?"), login form doesn’t work like expected.
Now I can’t reach the "/content/10" page:
0. I’m typing "/content/10" in my browser.
1. Site redirects to "/login/?ReturnUrl=%2fcontent%2f10". (Hm… seems like all problems starts here, right? :)
2. I’m trying to log in. No matter what credentials I’m entered…
3. …site redirects me to "login?ReturnUrl=%2fContent%2f10" (yellow screen of error - Access is denied. Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.)
So, the problem is how to get ASP.NET understand real ReturnUrl and provide redirection after login.
推荐答案
这些步骤应该让你实现所需的行为。
总结:
These steps should allow you to implement the required behaviour.
To summarize:
- 您正在使用路由而不是MVC。我的例子如 HTTP的URL映射://主机/ MYSITE /用户名/ 12345 到一个真实的页面 HTTP://host/Mysite/Pages/users.aspx用户id = 12345
- 您想控制访问这些地址,要求用户登录。我的例子有一个网页。 HTTP://host/Mysite/login.aspx 与标准登录控制,并该网站被配置为使用窗体身份验证。
- You are using routing but not MVC. My example will map a url like http://host/Mysite/userid/12345 onto a real page at http://host/Mysite/Pages/users.aspx?userid=12345.
- You want to control access to these addresses, requiring the user to logon. My example has a page http://host/Mysite/login.aspx with a standard login control, and the site is configured to use forms authentication.
我已经潜伏的Pages文件夹中的Pages文件夹使用该web.config中的内容:
Step 1
I've "hidden" the contents of the Pages folder using this web.config in the Pages folder:
<?xml version="1.0"?>
<configuration>
<system.web>
<httpHandlers>
<add path="*" verb="*"
type="System.Web.HttpNotFoundHandler"/>
</httpHandlers>
<pages validateRequest="false">
</pages>
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<handlers>
<remove name="BlockViewHandler"/>
<add name="BlockViewHandler" path="*" verb="*" preCondition="integratedMode" type="System.Web.HttpNotFoundHandler"/>
</handlers>
</system.webServer>
</configuration>
这可以确保如果有人使用像 HTTP的URL://主机/ MYSITE /页/users.aspx?userid=12345 ,那么他们得到一个标准的404响应。
This ensures that if anyone uses a url like http://host/Mysite/Pages/users.aspx?userid=12345, then they receive a standard 404 response.
我顶层的web.config文件包含(以及所有标准的东西)这个位置元素:
My top level web.config file contains (as well as all the standard stuff) this location element:
<location path="userid">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
这prevents匿名访问的形式
This prevents anonymous access to urls of the form http://host/Mysite/userid/12345 which means users will be automatically redirected to login.aspx, then if they provide valid credentials, they will be redirected to the correct location.
有关参考,这里是我的Global.asax:
For reference here is my global.asax:
<script RunAt="server">
void Application_Start(object sender, EventArgs e)
{
// Code that runs on application startup
RegisterRoutes(RouteTable.Routes);
}
public static void RegisterRoutes(RouteCollection routes)
{
routes.RouteExistingFiles = true;
routes.Add("UseridRoute", new Route
(
"userid/{userid}",
new CustomRouteHandler("~/Pages/users.aspx")
));
}
</script>
这是我的路由处理:
And here is my route handler:
using System.Web.Compilation;
using System.Web.UI;
using System.Web;
using System.Web.Routing;
using System.Security;
using System.Web.Security;
public interface IRoutablePage
{
RequestContext RequestContext { set; }
}
public class CustomRouteHandler : IRouteHandler
{
public CustomRouteHandler(string virtualPath)
{
this.VirtualPath = virtualPath;
}
public string VirtualPath { get; private set; }
public IHttpHandler GetHttpHandler(RequestContext
requestContext)
{
var page = BuildManager.CreateInstanceFromVirtualPath
(VirtualPath, typeof(Page)) as IHttpHandler;
if (page != null)
{
var routablePage = page as IRoutablePage;
if (routablePage != null) routablePage.RequestContext = requestContext;
}
return page;
}
}
这篇关于使用路由没有MVC:验证表单的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
