我在我的asp.net项目中使用FormAuthenticaion但无法授予对特定页面的访问权限。我已经尝试了互联网上提供的所有答案,但没有一个能够正常运行。这是我的代码
的Web.Config
<system.web>
<compilation debug="true" targetFramework="4.5"/>
<httpRuntime targetFramework="4.5"/>
<httpModules>
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web"/>
</httpModules>
<authentication mode="Forms" >
<forms name="PIMAutontication" loginUrl="/User/login.aspx" ></forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
<customErrors mode="Off">
<error statusCode="400" redirect="~/404.html"/>
<error statusCode="403" redirect="~/404.html"/>
<error statusCode="404" redirect="~/404.html"/>
<error statusCode="500" redirect="~/404.html"/>
</customErrors>
</system.web>
<location path="~/Test/Test.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
Global.asax中
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
if (HttpContext.Current.User != null)
{
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
if (HttpContext.Current.User.Identity is FormsIdentity)
{
FormsIdentity id =
(FormsIdentity)HttpContext.Current.User.Identity;
FormsAuthenticationTicket ticket = id.Ticket;
// Get the stored user-data, in this case, our roles
string userData = ticket.UserData;
string[] roles = userData.Split(',');
HttpContext.Current.User = new GenericPrincipal(id, roles);
}
}
}
}