日期:2014-05-19  浏览次数:20685 次

用membership可以把权限控制在某个目录吗?
我想控制角色的权限在某个目录下     如:   wwwroot\personal\下。
用membership可以实现吗?

------解决方案--------------------
当然可以 ,和不用membership的时候一样,你可以在Web.config里面进行设置 <location> ..... </location> .
------解决方案--------------------
Web.Config配置:
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<compilation debug= "true "/>
<authentication mode= "Forms ">
<forms loginUrl= "login.aspx " name= ".ASPXFORMSAUTH " protection= "All " timeout= "30 " path= "formsAuthenticate " />
</authentication>
</system.web>
<location path= "formsAuthenticate ">
<system.web>
<authorization>
<deny users= "? "/>
<allow users= "* "/>
</authorization>
</system.web>
</location>
</configuration>


文件夹列表:
|-Login.aspx
|-formsAuthenticate
|-Index.aspx
|-Web.Config

Login.aspx里有个Button
protected void Button1_Click(object sender, EventArgs e)
{
if (1 == 1)//验证合法性
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( "ss ", true, 1);
string hashTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashTicket);
Context.Response.Cookies.Add(cookie);
Response.Redirect(Request[ "ReturnUrl "]);
}
}

测试时直接打开Index.aspx 时它会转到 Login 页面,点击按钮后则可以访问!而根目录下其他文件无需验证即可访问!
------解决方案--------------------
<!--文件路径权限控制-->
<location path= "admin ">
<system.web>
<authorization>
<deny users= "? "/>
<allow users= "Administrator "/>
</authorization>
</system.web>
------解决方案--------------------
快速入门里面有详细例子