窗体身份验证asp.net VB [英] forms authentication asp.net vb
问题描述
我有一个登录页面是主页让位于www.domainname.com
当有人进入这个网页它在增加了一个RETURNURL字符串,使他们分别是:
www.domainname.com/default.aspx?ReturnUrl=%2f所以当他们登录他们得到返回 HTTP: //www.domainname.com/ ,这又是登录页面,所以访问他们不得不两次登录该网站。
有谁知道如何解决这一问题?我想修复这个是允许的主页所有人访问 - http://www.domainname.com/ 以及 http://www.domainname.com/default.aspx 但我也不太清楚如何达致这。
我希望所有的用户角色被拒绝访问除了主页,他们登录后才每一页,我也有一个管理/ CMS部分,只有管理员角色可以访问,但每个人都可以访问CMS登录页面。
目前,我有这个在我的web.config
<身份验证模式=表格>
<形成保护=全部loginUrl =的Default.aspxdefaultUrl =〜/家//>
< /认证>
<授权>
<让角色=管理员,用户/>
<拒绝用户=? />
< /授权> <位置路径=Default.aspx的>
<&的System.Web GT;
<授权>
<让用户=*/>
< /授权>
< /system.web>
< /地点><位置路径=CMS / Default.aspx的>
<&的System.Web GT;
<授权>
<让用户=*/>
< /授权>
< /system.web>
< /地点><位置路径=CMS>
<&的System.Web GT;
<授权>
<让角色=管理/>
<拒绝用户=*/>
< /授权>
< /system.web>
< /地点>
嗯,我似乎已经做了一点运气。
我刚换
<身份验证模式=表格>
<形成保护=全部loginUrl =的Default.aspxdefaultUrl =〜/家//>
< /认证>
要
<身份验证模式=表格>
<形成保护=全部loginUrl =/defaultUrl =〜/家//>
< /认证>
I have a log in page which is the home page so is located at www.domainname.com
when someone goes to this page it adds a returnurl to the string so they are at:
www.domainname.com/default.aspx?ReturnUrl=%2f so when they log in they get returned to http://www.domainname.com/, which is the login page again, so to access the site they have to login twice.
Does anyone know how to fix this? I think a fix to this would be to allow everyone access to the home page - http://www.domainname.com/ as well as http://www.domainname.com/default.aspx but i'm not sure how to acheive this.
I want all user roles to be denied access to every page apart from the home page before they login, i also have an admin/cms section that only Admin roles can access but everyone can access the cms login page.
I currently have this in my web.config
<authentication mode="Forms">
<forms protection="All" loginUrl="default.aspx" defaultUrl="~/home/" />
</authentication>
<authorization>
<allow roles="Admin, User"/>
<deny users="?" />
</authorization>
<location path="default.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="cms/default.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="cms">
<system.web>
<authorization>
<allow roles="Admin"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
Well i seemed to have done it a bit by luck.
I just changed
<authentication mode="Forms">
<forms protection="All" loginUrl="default.aspx" defaultUrl="~/home/" />
</authentication>
To
<authentication mode="Forms">
<forms protection="All" loginUrl="/" defaultUrl="~/home/" />
</authentication>
这篇关于窗体身份验证asp.net VB的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!