web.config:
configuration> <location path="Admin"> <!--注意:该节点最好跟在</system.web>之后,尽管这两个节点可能在web.config文件中相隔比较远,不要觉得有什么疑惑。下面是对Admin文件夹的访问权限的配置。--> <system.web> <authorization> <deny users="?"/> <!--阻止匿名用户访问--> </authorization> </system.web> </location> <system.web> <authentication mode="Forms"> <!--默认状态下位Windows--> <forms loginUrl="Login.aspx" defaultUrl="Default.aspx" name=".ASPXFORMSAUTH"></forms> </authentication> <authorization> <allow users="*"/> <!--允许任何访问者访问--> </authorization> </system.web> </configuration>
页面
login.aspx页面
<div> <asp:TextBox ID="TextBox1" runat="server"> </asp:TextBox><br /> <asp:TextBox ID="TextBox2" runat="server"></asp:TextBox><br /> <asp:Button ID="Button1" runat="server" Text="Button" OnClick="Button1_Click" /> </div>
Login.aspx.cs后台
if (this.TextBox1.Text == "Admin" && this.TextBox2.Text == "123456") { Session["username"] = this.TextBox1.Text; System.Web.Security.FormsAuthentication.RedirectFromLoginPage(this.TextBox1.Text, false); }
Index.aspx页面
<div> index<%=Session["username"] %> </div> <asp:Button ID="Button1" runat="server" Text="退出" OnClick="Button1_Click" />
Index.aspx.cs后台
protected void Button1_Click(object sender, EventArgs e) { Session["username"]=null; FormsAuthentication.SignOut(); }