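<!-- Forms authentication: requests without a valid ticket are redirected to bb.aspx. -->
<!-- NOTE(review): <forms> sets neither requireSSL nor timeout, so framework defaults apply.
     On an HTTPS site, requireSSL="true" keeps the ticket cookie off plain HTTP. Confirm against the deployment. -->
<authentication mode="Forms">
    <forms name="app" loginUrl="bb.aspx" />
</authentication>
<!-- "?" means anonymous users: every request covered by this config must be authenticated. -->
<authorization>
    <deny users="?" />
</authorization>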
Roles.xml
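<?xml version="1.0" encoding="utf-8"?>
<!-- User-to-role map read by GetRoles() in Global.asax.
     "roles" is a comma-separated list; write role names exactly as the pages pass them to IsInRole. -->
<!-- NOTE(review): this file is loaded from the web application's own directory. Confirm the server
     does not hand *.xml files to HTTP clients, or keep the file in a folder that is never served. -->
<roles>
    <user name="Bob" roles="Sales" />
    <user name="Jane" roles="Supervisor,Sales" />
</roles>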
bb.aspx
/// <summary>
/// Login button handler: issues a forms-authentication ticket for the name typed into
/// TextBox1 and sends the browser back to the page it originally asked for.
/// </summary>
/// <param name="sender">The button that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
private void Button1_Click(object sender, System.EventArgs e)
{
    // NOTE(review): no password or other credential is checked before the ticket is issued,
    // so the name in the ticket is whatever the visitor typed. Role lookups keyed on that name
    // are only meaningful once a real credential check is placed in front of this call.
    string userName = this.TextBox1.Text;

    // false = session cookie only; the ticket is not persisted across browser sessions.
    const bool createPersistentCookie = false;

    System.Web.Security.FormsAuthentication.RedirectFromLoginPage(userName, createPersistentCookie);
}
Global.asax
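/// <summary>
/// For an authenticated request, looks the user up in Roles.xml and replaces
/// Context.User with a GenericPrincipal that carries the roles listed there.
/// </summary>
/// <remarks>
/// The user name is compared as plain data against each "name" attribute instead of being
/// formatted into an XPath expression. A quote or other XPath syntax inside the name therefore
/// cannot change which user element is selected. Users that are not listed, or that have no
/// "roles" attribute, keep the principal they already had.
/// </remarks>
/// <param name="sender">The application instance raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    if (!Context.Request.IsAuthenticated)
    {
        return;
    }

    string strUserName = Context.User.Identity.Name;
    XmlDocument objRoles = GetRoles();
    if (objRoles.DocumentElement == null)
    {
        return;
    }

    // Find <user name="..."> by exact ordinal comparison; the name never becomes part of a query string.
    XmlElement objUser = null;
    foreach (XmlNode objChild in objRoles.DocumentElement.ChildNodes)
    {
        XmlElement objCandidate = objChild as XmlElement;
        if (objCandidate != null
            && objCandidate.Name == "user"
            && objCandidate.HasAttribute("name")
            && string.Equals(objCandidate.GetAttribute("name"), strUserName, StringComparison.Ordinal))
        {
            objUser = objCandidate;
            break;
        }
    }

    if (objUser == null || !objUser.HasAttribute("roles"))
    {
        return;
    }

    // Important: the principal needs a string[] of individual role names, so the
    // comma-separated attribute value must really be split. Padding around a name is
    // trimmed so that "Supervisor, Sales" still yields the role "Sales".
    string[] arrRoles = objUser.GetAttribute("roles").Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
    for (int i = 0; i < arrRoles.Length; i++)
    {
        arrRoles[i] = arrRoles[i].Trim();
    }

    // Role names are not echoed into the response: this handler runs on every request,
    // and writing here would inject text ahead of whatever the page renders.
    Context.User = new GenericPrincipal(Context.User.Identity, arrRoles);
}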
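/// <summary>
/// Returns the parsed Roles.xml document, loading it on first use and keeping it in the
/// application cache under the key "Roles".
/// </summary>
/// <returns>
/// The cached document. The cache entry is inserted with a dependency on the file itself.
/// </returns>
XmlDocument GetRoles()
{
    XmlDocument objRoles = Context.Cache["Roles"] as XmlDocument;
    if (objRoles == null)
    {
        // Application-relative path: a bare "Roles.xml" is resolved against the directory of the
        // request being processed, so a first request to a page in a subfolder would look in the wrong place.
        // NOTE(review): confirm the server does not serve this file to HTTP clients; if it does,
        // keep it in a folder that is never served and adjust the path here.
        string strRolesPath = Server.MapPath("~/Roles.xml");

        objRoles = new XmlDocument();
        objRoles.Load(strRolesPath);
        Context.Cache.Insert("Roles", objRoles, new CacheDependency(strRolesPath));
    }

    return objRoles;
}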
Default.aspx
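// Role checks against the principal attached to the request in Global.asax.
// The role name is passed without surrounding whitespace: a padded literal such as
// " Supervisor " is a different string from the "Supervisor" entry in Roles.xml and would never match.
if (User.IsInRole("Sales"))
{
    Response.Write("You have Sales permissions!");
    // User.Identity.AuthenticationType.ToString();
}

if (User.IsInRole("Supervisor"))
{
    Response.Write("You have supervisor permissions!");
}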