【发布时间】:2023-04-05 22:54:02
【问题描述】:
我正在使用带有激活电子邮件的 ASP.NET 表单身份验证。我已经注册工作,将用户添加到数据库并发送激活电子邮件,电子邮件被发送给用户并点击它并被激活。我能够使用正确的凭据登录,但每次都只是重定向到我项目根目录下的 default.aspx。我尝试在允许该角色的子目录中添加指向页面的链接 - 但它只会让您回到登录页面。当您再次登录时 - 它只是回到 default.aspx
这是 login.aspx.vb 上的代码
Imports System.Data
Imports System.Configuration
Imports System.Data.SqlClient
Imports System.Web.Security
Imports Microsoft.VisualBasic
Imports System
Partial Class login
Inherits System.Web.UI.Page
Protected Sub ValidateUser(sender As Object, e As AuthenticateEventArgs) Handles Login1.Authenticate
Dim userID As Integer = 0
Dim roles As String = String.Empty
Session("roles") = Nothing
Using con As New SqlConnection("Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\BandDatabase.mdf;Integrated Security=True")
Using cmd As New SqlCommand("Validate_User")
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("@Username", Login1.UserName)
cmd.Parameters.AddWithValue("@Password", Login1.Password)
cmd.Connection = con
con.Open()
Dim reader As SqlDataReader = cmd.ExecuteReader()
If reader.Read() Then
userID = Convert.ToInt32(reader("UserId"))
roles = reader("RoleName").ToString()
Session("roles") = roles
End If
con.Close()
End Using
Select Case userID
Case 1
Login1.FailureText = "Username and/or password is incorrect."
Exit Select
Case 2
Login1.FailureText = "Account has not been activated."
Exit Select
Case Else
Dim ticket As New FormsAuthenticationTicket(1, Login1.UserName, DateTime.Now, DateTime.Now.AddMinutes(2880), Login1.RememberMeSet, roles,
FormsAuthentication.FormsCookiePath)
Dim hash As String = FormsAuthentication.Encrypt(ticket)
Dim cookie As New HttpCookie(FormsAuthentication.FormsCookieName, hash)
If ticket.IsPersistent Then
cookie.Expires = ticket.Expiration
End If
Response.Cookies.Add(cookie)
Response.Redirect(FormsAuthentication.GetRedirectUrl(Login1.UserName, Login1.RememberMeSet))
Exit Select
End Select
End Using
End Sub
Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load
If Not Me.IsPostBack Then
If Me.Page.User.Identity.IsAuthenticated Then
FormsAuthentication.SignOut()
Response.Redirect("~/login.aspx")
Else
Session.Abandon()
Session.Clear()
End If
End If
End Sub
End Class
这是网络配置(项目的根目录-我读过一些关于必须在每个目录中放置网络配置的内容)
<authentication mode="Forms">
<forms defaultUrl="~/Default.aspx" loginUrl="~/login.aspx" slidingExpiration="true" timeout="2880">
</forms>
</authentication>
</system.web>
<!--https://www.codeproject.com/Articles/2905/Role-based-Security-with- Forms- Authentication-->
<location path="Admin">
<system.web>
<authorization>
<!-- Order and case are important below -->
<allow roles="Admin" />
<deny users="*" />
</authorization>
</system.web>
</location>
<location path="Judges">
<system.web>
<authorization>
<!-- Order and case are important below -->
<allow roles="Judge" />
<deny users="*" />
</authorization>
</system.web>
</location>
<location path="Students">
<system.web>
<authorization>
<!-- Order and case are important below -->
<allow roles="Student" />
<deny users="*" />
</authorization>
</system.web>
</location>
这是目录结构... directory structure
完整的网络配置...
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<remove name="ChartImageHandler" />
<add name="ChartImageHandler" preCondition="integratedMode" verb="GET,HEAD,POST" path="ChartImg.axd" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<add name="ReportViewerWebControlHandler" preCondition="integratedMode" verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" />
</handlers>
</system.webServer>
<connectionStrings>
<add name="Database" connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True"
providerName="System.Data.SqlClient" />
<add name="BandDatabaseConnectionString" connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\BandDatabase.mdf;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<httpHandlers>
<add path="ChartImg.axd" verb="GET,HEAD,POST" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
validate="false" />
<add path="Reserved.ReportViewerWebControl.axd" verb="*" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91"
validate="false" />
</httpHandlers>
<pages>
<controls>
<add tagPrefix="asp" namespace="System.Web.UI.DataVisualization.Charting" assembly="System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</controls>
</pages>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.5">
<buildProviders>
<add extension=".rdlc" type="Microsoft.Reporting.RdlBuildProvider, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" />
</buildProviders>
</compilation>
<httpRuntime targetFramework="4.5" />
<authentication mode="Forms">
<forms defaultUrl="~/Default.aspx" loginUrl="~/login.aspx" slidingExpiration="true" timeout="2880">
</forms>
</authentication>
</system.web>
<!--https://www.codeproject.com/Articles/2905/Role-based-Security-with-Forms-Authentication-->
<location path="Admin">
<system.web>
<authorization>
<!-- Order and case are important below -->
<allow roles="Admin, Student, Judge" />
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="Judges">
<system.web>
<authorization>
<!-- Order and case are important below -->
<allow roles="Judge" />
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="Students">
<system.web>
<authorization>
<!-- Order and case are important below -->
<allow roles="Student" />
<deny users="?" />
</authorization>
</system.web>
</location>
<appSettings>
<add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
<add key="ChartImageHandler" value="storage=file;timeout=20;dir=c:\TempImageFiles\;" />
</appSettings>
<system.net>
<mailSettings>
<smtp deliveryMethod="Network" from="people@overthere.com">
<network host="localhost" userName="" password="" defaultCredentials="true" />
</smtp>
</mailSettings>
</system.net>
</configuration>
【问题讨论】:
-
“我读到了一些关于必须在每个目录中放置 web 配置的内容”——你在这样做吗?
标签: asp.net vb.net forms-authentication