希望这很简单。我有一个相当简单的ASP.NET(框架版本2)应用程序,它使用自定义表进行用户验证。无论如何,我有两个页面,登录和注册。你可以猜出目的是什么。用户应该能够通过单击注册链接来请求注册 - 这是一个带有提交按钮的表单,该按钮执行一些数据库调用以查看用户是否存在等等。登录页面使用身份验证cookie进行验证。我正在使用表单身份验证 - 这是在我的web.config中:
<authentication mode="Forms">
<forms loginUrl="logon.aspx" name="adAuthCookie" timeout="30" path="/" defaultUrl="~/logon.aspx">
</forms>
</authentication>
每次我对注册页面进行http调用(即输入http://localhost/registration.aspx - 它会重定向到登录页面。
global.asax.cs文件中有这个 - 这是一个身份验证检查。如果请求页面是注册页面,我想禁用此检查 - 因为用户无需进行身份验证即可访问此页面。任何想法如何做到这一点?
void Application_AuthenticateRequest(object sender, EventArgs e)
{
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = Context.Request.Cookies[cookieName];
if (null == authCookie)
{
//There is no authentication cookie.
return; // right here it will return null then redirect to login.aspx
}
FormsAuthenticationTicket authTicket = null;
try
{
authTicket = FormsAuthentication.Decrypt(authCookie.Value);
}
catch (Exception ex)
{
//Write the exception to the Event Log.
return;
}
if (null == authTicket)
{
//Cookie failed to decrypt.
return;
}
//When the ticket was created, the UserData property was assigned a
//pipe-delimited string of group names.
string[] groups = authTicket.UserData.Split(new char[] { '|' });
//Create an Identity.
GenericIdentity id = new GenericIdentity(authTicket.Name, "LdapAuthentication");
//This principal flows throughout the request.
GenericPrincipal principal = new GenericPrincipal(id, groups);
Context.User = principal;
}
答案 0 :(得分:2)
<location path="registration.aspx">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>
更多信息MSDN链接http://support.microsoft.com/kb/316871
答案 1 :(得分:2)
您可以在web.config中配置访问权限。这是我要做的一个例子:
<location path="register.aspx"> //path here is path to your register.aspx
<system.web>
<authorization>
<allow users="*"/> // this will allow access to everyone to register.aspx
</authorization>
</system.web>
</location>