Foms验证基于角色 认识

gloable中

using System;
using System.Collections;
using System.ComponentModel;
using System.Web;
using System.Web.SessionState;
using System.Security.Permissions;
using System.Security.Principal;
using System.Web.Security;
  protected void Application_AuthenticateRequest(Object sender, EventArgs e)
  {
   //System.Security.Permissions.fo
   
   if (HttpContext.Current.User != null)
   {
    if (HttpContext.Current.User.Identity.IsAuthenticated)
    {
     if (HttpContext.Current.User.Identity is FormsIdentity)
     {
      FormsIdentity id =
       (FormsIdentity)HttpContext.Current.User.Identity;
      FormsAuthenticationTicket ticket = id.Ticket;

      // Get the stored user-data, in this case, our roles
      string userData = ticket.UserData;
      string[] roles = userData.Split(',');
      HttpContext.Current.User = new GenericPrincipal(id, roles);
     }
    }
   }
  }

 login.aspx

<%@ Page language="c#" Codebehind="Login.aspx.cs" AutoEventWireup="false" Inherits="test308_formsvalidate.Login" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
 <HEAD>
  <title>Login</title>
  <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
  <meta name="CODE_LANGUAGE" Content="C#">
  <meta name="vs_defaultClientScript" content="JavaScript">
  <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5">
 </HEAD>
 <body>
  <form id="Form1" method="post" runat="server">
   <p>Username: <input id="Username" runat="server" type="text" NAME="Username"><br>
    Password: <input id="Password" runat="server" type="password" NAME="Password"><br>
    <asp:Button id="btnLogin" runat="server"  Text="Login" />
    <asp:Label id="ErrorLabel" runat="Server" ForeColor="Red" Visible="false" /></p>
  </form>
 </body>
</HTML>

webconfig中

 </system.web>
 
 <location path="zimulu1">
  <system.web>
   <authorization>
    <!-- Order and case are important below -->
    <allow roles="Administrator"/>
    <deny users="*"/>
   </authorization>
  </system.web>
 </location>
 <location path="zimulu2">
  <system.web>
   <authorization>
    <!-- Order and case are important below -->
    <allow roles="User"/>
    <deny users="*"/>
   </authorization>
  </system.web>
 </location>

</configuration>

 

    <authentication mode="Forms">

   <forms name="MYWEBAPP.ASPXAUTH"
    loginUrl="Login.aspx"
    protection="All"
    path="/"/>
  </authentication>

数据库

CREATE TABLE users
(
 username nvarchar(64) CONSTRAINT users_PK PRIMARY KEY,
 password nvarchar(128),
 roles nvarchar(64)
)

CREATE INDEX credentials ON users
(
 username,
 password
)