C# Web.config权限控制与授权

版权声明:转载原创文章请以超链接形式请注明原文章出处,尊重作者,尊重原创!


恰饭广告




Web.config配置:(权限控制)

<?xml version="1.0" encoding="utf-8"?>

<!--
  有关如何配置 ASP.NET 应用程序的详细信息,请访问
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->

<configuration>
  <system.web>
    <customErrors mode="On" defaultRedirect="login.aspx">
      <error statusCode="404" redirect="login.aspx"/>
      <error statusCode="500" redirect="login.aspx"/>
      <error statusCode="502" redirect="login.aspx"/>
    </customErrors>
    <!--session有效期1天-->
    <sessionState mode="InProc" timeout="1440"/>
    <!--上传限制为1G-->
    <httpRuntime maxRequestLength="1073741824"   executionTimeout="3600" useFullyQualifiedRedirectUrl="true" requestValidationMode="2.0" />
    <compilation debug="true" targetFramework="4.0" />
    <authentication mode="Forms">
      <forms loginUrl="/" cookieless="UseCookies" defaultUrl="login.aspx"/>
    </authentication>
    <authorization>
      <deny users="?"/>
    </authorization>
  </system.web>

  <!--允许地址栏访问页面-->
  <location path="login.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="SalesMGT/retail.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="customerLogin.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="BasicInfor/bookBasicManagement.aspx">
    <system.web>
      <authorization>
        <allow roles="customer,staff"/>
      </authorization>
    </system.web>
  </location>

  <location path="SalesMGT/booksOut.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="SalesMGT/retailRank.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
  <location path="SalesMGT/salesRanking.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>

</configuration>

页面使用:(页面授权)

Response.Cookies[FormsAuthentication.FormsCookieName].Value = null;
FormsAuthenticationTicket Ticket = new FormsAuthenticationTicket(1, account, DateTime.Now, DateTime.Now.AddDays(1), true, "staff"); //建立身份验证票对象 
string HashTicket = FormsAuthentication.Encrypt(Ticket); //加密序列化验证票为字符串 
Session["HashTicket"] = HashTicket;
HttpCookie UserCookie = new HttpCookie(FormsAuthentication.FormsCookieName, HashTicket); //生成Cookie 
Context.Response.Cookies.Add(UserCookie); //票据写入Cookie

原文链接:https://www.idaobin.com/archives/1999.html

让我恰个饭吧.ヘ( ̄ω ̄ヘ)

支付宝 ——————- 微信
图片加载中图片加载中



恰饭广告

发表评论

电子邮件地址不会被公开。 必填项已用*标注

− 2 = 1