---------------------------------------Web.Config文件配置信息 --------------------
<!-- Forms authentication: unauthenticated requests to protected paths are redirected to Login.aspx. -->
<!-- NOTE(review): requireSSL, timeout and protection are not set on the forms element, so framework defaults apply. -->
<!-- requireSSL defaults to false; set requireSSL="true" if the site is served over HTTPS so the ticket cookie is never sent in clear text. -->
<authentication mode="Forms">
<forms name="app" loginUrl="Login.aspx"></forms>
</authentication>
<!-- Protected paths. Authorization rules are evaluated top to bottom and the first match wins, -->
<!-- so each allow element must stay above the deny element that follows it. -->
<location path="Admin">
<system.web>
<authorization>
<!-- Only members of the admin role may access Admin. -->
<allow roles="admin"/>
<!-- Deny every other user, authenticated or anonymous. -->
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="BackUp">
<system.web>
<authorization>
<!-- Members of the admin or bk role may access BackUp. -->
<allow roles="admin,bk"/>
<!-- Deny every other user. -->
<deny users="*"/>
</authorization>
</system.web>
</location>
<location path="User">
<system.web>
<authorization>
<!-- Deny anonymous users; any authenticated user is allowed regardless of role. -->
<deny users="?"/>
</authorization>
</system.web>
</location>
---------------------------------這是在Global.asax 文件代碼-----------------------------
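/// <summary>
/// Replaces the request principal with a GenericPrincipal whose roles are
/// read from the forms-authentication ticket, so that role-based
/// authorization rules can be evaluated for the request.
/// </summary>
/// <remarks>
/// Roles are parsed from the ticket's UserData as a comma-separated list.
/// That value is only as trustworthy as the ticket itself: it relies on the
/// cookie being encrypted and validated by FormsAuthentication, so the forms
/// "protection" setting must not be weakened. Roles are also fixed for the
/// lifetime of the ticket; a role removed on the server side keeps working
/// until the ticket expires or is reissued.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    System.Security.Principal.IPrincipal current = HttpContext.Current.User;

    // Nothing to do for anonymous requests.
    if (current == null || !current.Identity.IsAuthenticated)
    {
        return;
    }

    // Only forms-authenticated identities carry a ticket with role data.
    FormsIdentity userIdent = current.Identity as FormsIdentity;
    if (userIdent == null)
    {
        return;
    }

    // Read the role list stored in the ticket at login time.
    string userData = userIdent.Ticket.UserData ?? string.Empty;

    // Drop empty entries so that an empty UserData does not yield a principal
    // holding a single "" role, and trim so "admin, bk" matches the role "bk".
    string[] roles = userData.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
    for (int i = 0; i < roles.Length; i++)
    {
        roles[i] = roles[i].Trim();
    }

    // Attach the identity together with its roles to the current request.
    HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(userIdent, roles);
}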
-----------------------------------------------登錄頁面設置-------------------------------
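// Issue a version-1, non-persistent ticket that is valid for five minutes.
// The role string travels in the ticket's UserData field.
// NOTE(review): "XXOO" and role look like placeholders; they should come from
// the account that was just verified, never from request input - confirm at the call site.
FormsAuthenticationTicket tickect = new FormsAuthenticationTicket(1, "XXOO", DateTime.Now,
    DateTime.Now.AddMinutes(5), false, role);
// Encrypt the ticket so the client cannot read or alter the role data.
string Encrypt = FormsAuthentication.Encrypt(tickect);
// Create the authentication cookie under the configured forms cookie name.
HttpCookie mycookies = new HttpCookie(FormsAuthentication.FormsCookieName, Encrypt);
// A hand-built cookie does not pick up the forms-authentication cookie settings,
// so apply them explicitly: keep the ticket away from script, honour the
// requireSSL setting, and scope the cookie to the configured path and domain.
mycookies.HttpOnly = true;
mycookies.Secure = FormsAuthentication.RequireSSL;
mycookies.Path = FormsAuthentication.FormsCookiePath;
if (FormsAuthentication.CookieDomain != null)
{
    mycookies.Domain = FormsAuthentication.CookieDomain;
}
// Send the cookie to the client.
Response.Cookies.Add(mycookies);
// Return to the originally requested page (taken from the ReturnUrl query value) or the default page.
Response.Redirect(FormsAuthentication.GetRedirectUrl("XXOO", false));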