表单身份验证重定向页面
Forms Authentication Redirect Page
我在服务器上有一个包含某些文件的目录。我需要保护这些文件,以便如果从 url 调用文件,除非在请求中传递了用户名和密码,否则它不会下载。
目前,我将该目录部署为 IIS 中的应用程序并添加了以下 Web 配置:
<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<system.web>
<authentication mode="Forms">
<forms loginUrl="logon.aspx" name=".ASPXFORMSAUTH" protection="All" defaultUrl="/" path="?">
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
<system.webServer>
<directoryBrowse enabled="true" />
<httpRedirect enabled="true" destination="/logon.aspx" />
</system.webServer>
</configuration>
和以下登录页面:
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<script runat="server">
Sub Logon_Click(ByVal sender As Object, ByVal e As EventArgs)
If ((UserEmail.Text = "jchen@contoso.com") And _
(UserPass.Text = "37Yj*99Ps")) Then
FormsAuthentication.RedirectFromLoginPage _
(UserEmail.Text, Persist.Checked)
Else
Msg.Text = "Invalid credentials. Please try again."
End If
End Sub
</script>
<html>
<head id="Head1" runat="server">
<title>Forms Authentication - Login</title>
</head>
<body>
<form id="form1" runat="server">
<h3>
Logon Page</h3>
<table>
<tr>
<td>
E-mail address:</td>
<td>
<asp:TextBox ID="UserEmail" runat="server" /></td>
<td>
<asp:RequiredFieldValidator ID="RequiredFieldValidator1"
ControlToValidate="UserEmail"
Display="Dynamic"
ErrorMessage="Cannot be empty."
runat="server" />
</td>
</tr>
<tr>
<td>
Password:</td>
<td>
<asp:TextBox ID="UserPass" TextMode="Password"
runat="server" />
</td>
<td>
<asp:RequiredFieldValidator ID="RequiredFieldValidator2"
ControlToValidate="UserPass"
ErrorMessage="Cannot be empty."
runat="server" />
</td>
</tr>
<tr>
<td>
Remember me?</td>
<td>
<asp:CheckBox ID="Persist" runat="server" /></td>
</tr>
</table>
<asp:Button ID="Submit1" OnClick="Logon_Click" Text="Log On"
runat="server" />
<p>
<asp:Label ID="Msg" ForeColor="red" runat="server" />
</p>
</form>
</body>
</html>
我还没有尝试在 android 应用程序的请求中传递用户名和密码(我最终想做的)但是我调用了 URL link如果 URL 是目录,但当 URL 指向如下文件时,网络和登录页面显示成功:MYURL/test/test.txt
然后文件出现,登录页面不显示。请任何帮助表示赞赏。我是新手。
我将网络配置更改为以下内容。改变 system.webServer
<system.webServer>
<modules>
<add name="FormsAuthenticationModule" type="System.Web.Security.FormsAuthenticationModule" />
<remove name="UrlAuthorization" />
<add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
<remove name="DefaultAuthentication" />
<add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" />
</modules>
</system.webServer>
我在服务器上有一个包含某些文件的目录。我需要保护这些文件,以便如果从 url 调用文件,除非在请求中传递了用户名和密码,否则它不会下载。
目前,我将该目录部署为 IIS 中的应用程序并添加了以下 Web 配置:
<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<system.web>
<authentication mode="Forms">
<forms loginUrl="logon.aspx" name=".ASPXFORMSAUTH" protection="All" defaultUrl="/" path="?">
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
<system.webServer>
<directoryBrowse enabled="true" />
<httpRedirect enabled="true" destination="/logon.aspx" />
</system.webServer>
</configuration>
和以下登录页面:
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<script runat="server">
Sub Logon_Click(ByVal sender As Object, ByVal e As EventArgs)
If ((UserEmail.Text = "jchen@contoso.com") And _
(UserPass.Text = "37Yj*99Ps")) Then
FormsAuthentication.RedirectFromLoginPage _
(UserEmail.Text, Persist.Checked)
Else
Msg.Text = "Invalid credentials. Please try again."
End If
End Sub
</script>
<html>
<head id="Head1" runat="server">
<title>Forms Authentication - Login</title>
</head>
<body>
<form id="form1" runat="server">
<h3>
Logon Page</h3>
<table>
<tr>
<td>
E-mail address:</td>
<td>
<asp:TextBox ID="UserEmail" runat="server" /></td>
<td>
<asp:RequiredFieldValidator ID="RequiredFieldValidator1"
ControlToValidate="UserEmail"
Display="Dynamic"
ErrorMessage="Cannot be empty."
runat="server" />
</td>
</tr>
<tr>
<td>
Password:</td>
<td>
<asp:TextBox ID="UserPass" TextMode="Password"
runat="server" />
</td>
<td>
<asp:RequiredFieldValidator ID="RequiredFieldValidator2"
ControlToValidate="UserPass"
ErrorMessage="Cannot be empty."
runat="server" />
</td>
</tr>
<tr>
<td>
Remember me?</td>
<td>
<asp:CheckBox ID="Persist" runat="server" /></td>
</tr>
</table>
<asp:Button ID="Submit1" OnClick="Logon_Click" Text="Log On"
runat="server" />
<p>
<asp:Label ID="Msg" ForeColor="red" runat="server" />
</p>
</form>
</body>
</html>
我还没有尝试在 android 应用程序的请求中传递用户名和密码(我最终想做的)但是我调用了 URL link如果 URL 是目录,但当 URL 指向如下文件时,网络和登录页面显示成功:MYURL/test/test.txt 然后文件出现,登录页面不显示。请任何帮助表示赞赏。我是新手。
我将网络配置更改为以下内容。改变 system.webServer
<system.webServer>
<modules>
<add name="FormsAuthenticationModule" type="System.Web.Security.FormsAuthenticationModule" />
<remove name="UrlAuthorization" />
<add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
<remove name="DefaultAuthentication" />
<add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" />
</modules>
</system.webServer>