在开发中我们经常用到某些页面不允许匿名用户登陆的功能.
设置某些页面不允许匿名登陆,和匿名时跳转的页面
<?
xml version="1.0" encoding="utf-8"
?>
< configuration >
<!-- application specific settings -->
< appSettings >
< add key ="ConnectionString" value ="server=.;uid=sa;pwd=;database=Store" />
</ appSettings >
<!-- forms based authentication -->
< system .web >
< compilation
defaultLanguage ="c#"
debug ="true" />
<!-- enable Forms authentication -->
< authentication mode ="Forms" >
< forms name ="IBuySpyStoreAuth" loginUrl ="login.aspx" protection ="All" path ="/" />
</ authentication >
<!-- enable custom errors for the application -->
< customErrors mode ="RemoteOnly" defaultRedirect ="ErrorPage.aspx" />
<!-- disable session state for application -->
< sessionState mode ="Off" />
</ system.web >
<!-- set secure paths -->
< location path ="Checkout.aspx" >
< system .web >
< authorization >
< deny users ="?" />
</ authorization >
</ system.web >
</ location >
< location path ="OrderList.aspx" >
< system .web >
< authorization >
< deny users ="?" />
</ authorization >
</ system.web >
</ location >
< location path ="OrderDetails.aspx" >
< system .web >
< authorization >
< deny users ="?" />
</ authorization >
</ system.web >
</ location >
</ configuration >
< configuration >
<!-- application specific settings -->
< appSettings >
< add key ="ConnectionString" value ="server=.;uid=sa;pwd=;database=Store" />
</ appSettings >
<!-- forms based authentication -->
< system .web >
< compilation
defaultLanguage ="c#"
debug ="true" />
<!-- enable Forms authentication -->
< authentication mode ="Forms" >
< forms name ="IBuySpyStoreAuth" loginUrl ="login.aspx" protection ="All" path ="/" />
</ authentication >
<!-- enable custom errors for the application -->
< customErrors mode ="RemoteOnly" defaultRedirect ="ErrorPage.aspx" />
<!-- disable session state for application -->
< sessionState mode ="Off" />
</ system.web >
<!-- set secure paths -->
< location path ="Checkout.aspx" >
< system .web >
< authorization >
< deny users ="?" />
</ authorization >
</ system.web >
</ location >
< location path ="OrderList.aspx" >
< system .web >
< authorization >
< deny users ="?" />
</ authorization >
</ system.web >
</ location >
< location path ="OrderDetails.aspx" >
< system .web >
< authorization >
< deny users ="?" />
</ authorization >
</ system.web >
</ location >
</ configuration >
using System.Web.Security; //导入安全命名空间
FormsAuthentication.RedirectFromLoginPage("name", false); //验证,后面是否保存Cookie
将已验证的用户从定向回最初请求的URL 默认定向到 default.aspx 页