Question

我有这四个班级：

public class Personal
        {
            public int Id { get; set; }
            public string Name { get; set; }
        }

public class LoginRepository
    {
        Context context = new Context();
        public Personal GetByUsernameAndPassword(Personal user)
        {
            return context.Personals.Where(u => u.Name==user.Name).FirstOrDefault();
        }
    }

public class LoginApplication
    {
        LoginRepository userRepo = new LoginRepository();
        public Personal GetByUsernameAndPassword(Personal user)
        {
            return userRepo.GetByUsernameAndPassword(user);
        }
    }

public class SessionContext
    {
        public void SetAuthenticationToken(string name, bool isPersistant, Personal userData)
        {
            string data = null;
            if (userData != null)
                data = new JavaScriptSerializer().Serialize(userData);

            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, name, DateTime.Now, DateTime.Now.AddYears(1), isPersistant, data);

            string cookieData = FormsAuthentication.Encrypt(ticket);
            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieData)
            {
                HttpOnly = true,
                Expires = ticket.Expiration
            };

            HttpContext.Current.Response.Cookies.Add(cookie);
        }

        public Personal GetUserData()
        {
            Personal userData = null;

            try
            {
                HttpCookie cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
                if (cookie != null)
                {
                    FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);

                    userData = new JavaScriptSerializer().Deserialize(ticket.UserData, typeof(Personal)) as Personal;
                }
            }
            catch (Exception ex)
            {
            }

            return userData;
        }
    }

在我的控制器中我有这个：

 public class HomeController : Controller
    {
        LoginApplication userApp = new LoginApplication();
        SessionContext context = new SessionContext();
        public ActionResult Index()
        {
            return View();
        }
        [HttpPost]
        public ActionResult Index(Personal user)
        {
            var authenticatedUser = userApp.GetByUsernameAndPassword(user);
            if (authenticatedUser != null)
            {
                context.SetAuthenticationToken(authenticatedUser.Name, false, authenticatedUser);
                return RedirectToAction("Index", "Asp");
            }
            return View();
        }
    }

但问题是，即使我使用正确的登录名称，我也会看到此错误：

HTTP错误401.0 - 未经授权您无权查看此目录或页面。

我认为会话未创建。我该怎么办？

Answer 1

听起来像IIS配置你没有正确处理请求/路由，所以不使用MVC路由选择正确的控制器IIS看到一个目录的路径并且因为目录列表被禁用而抛弃未经授权的。

如何设置它取决于您正在运行的IIS版本。从技术角度来看，配置基本相同，但是由于管理控制台经历了从6到7的剧烈变化。如何在IIS7（+）中进行这样的操作已被私下询问，而不是重写答案我认为它符合精神这个社区更好地转发到answer

HTTP错误401.0 - 未经授权

1 个答案: