用membership可以把权限控制在某个目录吗?解决思路
日期:2014-05-19 浏览次数:20673 次
用membership可以把权限控制在某个目录吗?
我想控制角色的权限在某个目录下 如: wwwroot\personal\下。
用membership可以实现吗?
------解决方案--------------------
当然可以 ,和不用membership的时候一样,你可以在Web.config里面进行设置 <location> ..... </location> .
------解决方案--------------------
Web.Config配置:
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<compilation debug= "true "/>
<authentication mode= "Forms ">
<forms loginUrl= "login.aspx " name= ".ASPXFORMSAUTH " protection= "All " timeout= "30 " path= "formsAuthenticate " />
</authentication>
</system.web>
<location path= "formsAuthenticate ">
<system.web>
<authorization>
<deny users= "? "/>
<allow users= "* "/>
</authorization>
</system.web>
</location>
</configuration>
文件夹列表:
|-Login.aspx
|-formsAuthenticate
|-Index.aspx
|-Web.Config
Login.aspx里有个Button
protected void Button1_Click(object sender, EventArgs e)
{
if (1 == 1)//验证合法性
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( "ss ", true, 1);
string hashTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashTicket);
Context.Response.Cookies.Add(cookie);
Response.Redirect(Request[ "ReturnUrl "]);
}
}
测试时直接打开Index.aspx 时它会转到 Login 页面,点击按钮后则可以访问!而根目录下其他文件无需验证即可访问!
------解决方案--------------------
<!--文件路径权限控制-->
<location path= "admin ">
<system.web>
<authorization>
<deny users= "? "/>
<allow users= "Administrator "/>
</authorization>
</system.web>
------解决方案--------------------
快速入门里面有详细例子
我想控制角色的权限在某个目录下 如: wwwroot\personal\下。
用membership可以实现吗?
------解决方案--------------------
当然可以 ,和不用membership的时候一样,你可以在Web.config里面进行设置 <location> ..... </location> .
------解决方案--------------------
Web.Config配置:
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<compilation debug= "true "/>
<authentication mode= "Forms ">
<forms loginUrl= "login.aspx " name= ".ASPXFORMSAUTH " protection= "All " timeout= "30 " path= "formsAuthenticate " />
</authentication>
</system.web>
<location path= "formsAuthenticate ">
<system.web>
<authorization>
<deny users= "? "/>
<allow users= "* "/>
</authorization>
</system.web>
</location>
</configuration>
文件夹列表:
|-Login.aspx
|-formsAuthenticate
|-Index.aspx
|-Web.Config
Login.aspx里有个Button
protected void Button1_Click(object sender, EventArgs e)
{
if (1 == 1)//验证合法性
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( "ss ", true, 1);
string hashTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashTicket);
Context.Response.Cookies.Add(cookie);
Response.Redirect(Request[ "ReturnUrl "]);
}
}
测试时直接打开Index.aspx 时它会转到 Login 页面,点击按钮后则可以访问!而根目录下其他文件无需验证即可访问!
------解决方案--------------------
<!--文件路径权限控制-->
<location path= "admin ">
<system.web>
<authorization>
<deny users= "? "/>
<allow users= "Administrator "/>
</authorization>
</system.web>
------解决方案--------------------
快速入门里面有详细例子
免责声明: 本文仅代表作者个人观点,与爱易网无关。其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
