asp.net用户角色没有通过FormsAuthenticationTicket传递给页面

时间:2015-02-08 09:18:13

标签: c# asp.net

我正在尝试通过FormsAuthenticationTicket创建基于角色的基本用户访问,但它无法正常工作,因为它似乎没有将角色传递给页面。我正在使用的代码是:

的web.config:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
   <location path="HRPages">
      <system.web>
        <authorization>
          <allow roles = "HR" />
          <deny users ="*" />
        </authorization>
      </system.web>
    </location>

    <location path="SalesPages">
      <system.web>
        <authorization>
          <allow roles = "Sales" />
          <deny users ="*" />
        </authorization>
      </system.web>
    </location>

    <system.web>
      <compilation debug="true" targetFramework="4.5" />
      <httpRuntime targetFramework="4.5" />
      <authentication mode="Forms" />
    </system.web>
  </configuration>

登录页面:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Security;

namespace formlogin
{
    public partial class Login : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {

        }

        protected void cmdLogin_Click(object sender, EventArgs e)
        {
            if (this.txtUsersname.Text.Trim() == "1"
        && this.txtPassword.Text.Trim() == "2")
            {
                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                    1, // Ticket version
                    this.txtUsersname.Text.Trim(), // Username associated with ticket
                    DateTime.Now, // Date/time issued
                    DateTime.Now.AddMinutes(30), // Date/time to expire
                    true, // "true" for a persistent user cookie
                    "HR", // User-data, in this case the roles
                    FormsAuthentication.FormsCookiePath);// Path cookie valid for

                 // Encrypt the cookie using the machine key for secure transport
                 string hash = FormsAuthentication.Encrypt(ticket);
                 HttpCookie cookie = new HttpCookie(
                    FormsAuthentication.FormsCookieName, // Name of auth cookie
                    hash); // Hashed ticket

                 // Set the cookie's expiration time to the tickets expiration time
                 if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;

                 // Add the cookie to the list for outgoing response
                 Response.Cookies.Add(cookie);

                 // Redirect to requested URL, or homepage if no previous page
                 // requested
                 string returnUrl = Request.QueryString["ReturnUrl"];
                 if (returnUrl == null) returnUrl = "/";

                 // Don't call FormsAuthentication.RedirectFromLoginPage since it
                 // could
                 // replace the authentication ticket (cookie) we just added
                 Response.Redirect(returnUrl);
            }
            else
            {
                // Never tell the user if just the username is password is incorrect.
                // That just gives them a place to start, once they've found one or
                // the other is correct!
                Response.Write( "Username / password incorrect. Please try again.");
            }
        }
    }
}

当我转到HRPages文件夹下的页面时,它会向我显示登录屏幕,成功登录后会创建一个票证并将我重定向回页面,然后再次返回登录屏幕。我做错了什么,好像这个角色似乎没有通过?

0 个答案:

没有答案