在 ASP.NET 2.0 WebForms 中使用 UrlRewrite 时如何优雅地处理 ReturnUrl [英] How to elegantly handle ReturnUrl when using UrlRewrite in ASP.NET 2.0 WebForms

问题描述

我有一个包含多个 .aspx 页面的文件夹，我想限制对这些页面的访问.我已使用 <deny users="?"/> 将 web.config 添加到该文件夹​​中.

I have a folder with multiple .aspx pages that I want to restrict access to. I have added web.config to that folder with <deny users="?"/>.

问题是，当我使用 UrlRewrite 时，ReturnUrl 是使用 .aspx 文件的物理路径自动生成的.

The problem is that ReturnUrl is auto-generated with physical path to the .aspx file while I'm using UrlRewrite.

有没有办法在不进行手动身份验证检查和重定向的情况下操作 ReturnUrl?有没有办法从代码隐藏或 web.config 设置 ReturnUrl?

Is there a way to manipulate ReturnUrl without doing manual authentication check and redirection? Is there a way to set ReturnUrl from code-behind or from web.config?

编辑:应用程序使用 ASP.NET 2.0 WebForms.我无法使用 3.5 路由.

EDIT: The application is using ASP.NET 2.0 WebForms. I cannot use 3.5 routing.

EDIT 2:似乎从未捕获 401 状态代码.它为受保护的页面返回 302 并使用 ReturnUrl 重定向到登录页面.它不会为受保护的页面返回 401.嗯...有趣...参考:http://msdn.microsoft.com/en-us/library/aa480476.aspx

EDIT 2: It seems like 401 status code is never captured. It returns 302 for protected page and redirects to login page with ReturnUrl. It does not return 401 for protected page. Hmm... Interesting... Ref: http://msdn.microsoft.com/en-us/library/aa480476.aspx

这让事情变得更难了...我可能必须编写反向重写映射规则来正则表达式匹配 ReturnUrl 并在它不返回 401 时替换它...如果它返回 401 我可以将 RawUrl 设置为 Response.RedirectLocation或用 RawUrl 替换 ReturnUrl.

This makes things harder... I might have to write reverse rewrite mapping rules to regex match ReturnUrl and replace it if it doesn't return 401... If it does return 401 I can either set RawUrl to Response.RedirectLocation or replace ReturnUrl with RawUrl.

还有其他人有其他想法吗?

Anyone else have any other ideas?

推荐答案

我最终检查了 Url 中是否存在 ReturnUrl，并在 Global.asax 的 EndRequest 阶段将其替换为 RawUrl.这现在对我有用...

I ended up checking for existence of ReturnUrl in the Url and replacing it with RawUrl in EndRequest stage in Global.asax. This works for me for now...

这个博文 帮助我进行了设置.

This blog post helped me setting it up.

protected void Application_EndRequest(object sender, EventArgs e)
{
    string redirectUrl = this.Response.RedirectLocation;
    if (!this.Request.RawUrl.Contains("ReturnUrl=") && !string.IsNullOrEmpty(redirectUrl))
    {
        this.Response.RedirectLocation = Regex.Replace(redirectUrl, "ReturnUrl=(?'url'[^&]*)", delegate(Match m)
        {
            return string.Format("ReturnUrl={0}", HttpUtility.UrlEncode(this.Request.RawUrl));
        }, RegexOptions.Singleline | RegexOptions.IgnoreCase | RegexOptions.ExplicitCapture);
    }
}

这篇关于在 ASP.NET 2.0 WebForms 中使用 UrlRewrite 时如何优雅地处理 ReturnUrl的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！