Asp.net页面登录验证 [英] Asp.net Page Login Validation

问题描述

我正在创建一个应用程序.当用户注销页面进入登录页面时.但用户单击浏览器后退按钮，然后转到上一个访问页面.因此如果未授权的用户，如何控制用户看不到上一页.
如果可能的话，请发送项目示例.

I am create a application. When user logout page is go to login page. but user is click to browser back button then go to previous visit page. so how to control user not see the previous page if it is not authorized user.
If possible please send the sample of project.

推荐答案

看看这个技巧/窍门: Tips/135121/Browser-back-button-issue-after-logout.aspx>注销后浏览器后退按钮问题 [

Have a look at this tip/trick: Browser back button issue after logout[^]

使用表单身份验证.
在web.config
上使用类似的东西

Use Forms Authentication.
Use some thing like this at web.config

<location path="secure">
    <system.web>
      <authorization>
        <deny users="?"/>
        <deny users="jhon"/>
      </authorization>
    </system.web>
  </location>

secure是一个包含安全Web表单的文件夹.

secure is a folder which contains your secure webforms.

<authentication mode="Forms">
      <forms loginUrl="Default.aspx"

           protection="All"

           timeout="30"

           name=".ASPXAUTH"

           path="/"

           requireSSL="false"

           slidingExpiration="true"

           defaultUrl="default.aspx"

           cookieless="UseDeviceProfile"

           enableCrossAppRedirects="false" >
        <credentials passwordFormat="Clear">
          <user name="kim" password="kim@123"/>
          <user name="jhon" password="jhonn"/>
        </credentials>
      </forms>
    </authentication>

现在在服务器端代码

Default.aspx是您的登录表单，拖动两个文本框和一个按钮
在按钮单击事件时，编写以下代码. Default2.aspx是目标页面.安全是一个文件夹，其中可以包含要确保安全的Web表单

Now at server side code

Default.aspx is your login form, Drag Two TextBoxes and a Button
at click event of button write following code. Default2.aspx is destination page. Secure is a folder which can have webforms which you wants to make secure

if (FormsAuthentication.Authenticate(TextBox1.Text, TextBox2.Text))
        {
            FormsAuthentication.SetAuthCookie(
                 this.TextBox1.Text.Trim(), false);

            FormsAuthenticationTicket ticket1 =
               new FormsAuthenticationTicket(
                    1,                                   // version
                    this.TextBox1.Text.Trim(),   // get username  from the form
                    DateTime.Now,                        // issue time is now
                    DateTime.Now.AddMinutes(10),         // expires in 10 minutes
                    false,      // cookie is not persistent
                    "HR"                              // role assignment is stored
                // in userData
                    );
            HttpCookie cookie1 = new HttpCookie(
              FormsAuthentication.FormsCookieName,
              FormsAuthentication.Encrypt(ticket1));
            Response.Cookies.Add(cookie1);

            // 4. Do the redirect. 
            String returnUrl1;
            // the login is successful
            if (Request.QueryString["ReturnUrl"] == null)
            {
                returnUrl1 = "Default2.aspx";
            }

            //login not unsuccessful 
            else
            {
                returnUrl1 = Request.QueryString["ReturnUrl"];
            }
            Response.Redirect(returnUrl1);

        }

这篇关于Asp.net页面登录验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！