我开发了一个基于表单的身份验证的Web服务,如下所示。
1.在web.config中输入如下。
<authentication mode="Forms">
<forms loginUrl="Loginpage.aspx" name=".AuthAspx">
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
<authentication mode="Forms">
<forms loginUrl="Loginpage.aspx" name=".AuthAspx"/></authentication>
<authorization><deny users="?"/> </authorization>
2.在登录页面用户按钮点击事件验证如下。
if (txtUserName.Text == "test" && txtPassword.Text == "test")
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, // Ticket version
txtUserName.Text,// Username to be associated with this ticket
DateTime.Now, // Date/time ticket was issued
DateTime.Now.AddMinutes(50), // Date and time the cookie will expire
false, // if user has chcked rememebr me then create persistent cookie
"", // store the user data, in this case roles of the user
FormsAuthentication.FormsCookiePath); // Cookie path specified in the web.config file in <Forms> tag if any.
string hashCookies = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashCookies); // Hashed ticket
Response.Cookies.Add(cookie);
string returnUrl = Request.QueryString["ReturnUrl"];
if (returnUrl == null) returnUrl = "~/Default.aspx";
Response.Redirect(returnUrl, false);
}
3.Webservice有一个默认的webmethod。
[的WebMethod]
public string HelloWorld()
{
return "Hello World";
}
4.从webApplication我通过在添加上述web服务的webreferance后创建代理来调用webservice。
localhost.Service1 service = new localhost.Service1();
service.Credentials = ystem.Net.CredentialCache.DefaultNetworkCredentials;;
string hello = service.HelloWorld();
Response.Write(hello);
在这里,当在Web应用程序中使用它时,从webservice代理抛出以下异常。
- 对象已移动
答案 0 :(得分:1)
您必须明确允许访问登录页面,否则任何人都无法读取尚未登录的页面。
请参阅ASP.NET Authorization - <deny users="?"/>拒绝所有匿名用户。