ASP.NET Forms身份验证

时间:2017-04-30 16:22:06

标签: c# asp.net forms iis

我创建了新项目> ASP.NET Web应用程序(具有单独的用户帐户)。要根web.config我添加了`

<authentication mode="Forms">
      <forms loginUrl="log.aspx" defaultUrl="about.aspx"/>
    </authentication>

<authorization>
  <deny users="?"/>
</authorization>`

为了将每个未经过身份验证的用户重定向到log.aspx(它存在于项目根目录中)。但是,当我现在运行我的项目时,我收到了错误

  

HTTP错误404.15 - 未找到

     

请求过滤模块配置为拒绝请求所在的位置   查询字符串太长了。

Requested URL    http://localhost:55371/Account/Login?ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252FAccount%252FLogin%253FReturnUrl%253D%25252FAccount%25252FLogin%25253FReturnUrl%25253D%2525252FAccount%2525252FLogin%2525253FReturnUrl%2525253D%252525252FAccount%252525252FLogin%252525253FReturnUrl%252525253D%25252525252FAccount%25252525252FLogin%25252525253FReturnUrl%25252525253D%2525252525252FAccount%2525252525252FLogin%2525252525253FReturnUrl%2525252525253D%252525252525252FAccount%252525252525252FLogin%252525252525253FReturnUrl%252525252525253D%25252525252525252FAccount%25252525252525252FLogin%25252525252525253FReturnUrl%25252525252525253D%2525252525252525252FAccount%2525252525252525252FLogin%2525252525252525253FReturnUrl%2525252525252525253D%252525252525252525252FAccount%252525252525252525252FLogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252FAccount%25252525252525252525252FLogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252FAccount%2525252525252525252525252FLogin%2525252525252525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252FAccount%252525252525252525252525252FLogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252FAccount%25252525252525252525252525252FLogin%25252525252525252525252525253FReturnUrl%25252525252525252525252525253D%2525252525252525252525252525252FAccount%2525252525252525252525252525252FLogin%2525252525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252FAccount%252525252525252525252525252525252FLogin%252525252525252525252525252525253FReturnUrl%252525252525252525252525252525253D%25252525252525252525252525252525252FAccount%25252525252525252525252525252525252FLogin%25252525252525252525252525252525253FReturnUrl%25252525252525252525252525252525253D%2525252525252525252525252525252525252FAccount%2525252525252525252525252525252525252FLogin%2525252525252525252525252525252525253FReturnUrl%2525252525252525252525252525252525253D%252525252525252525252525252525252525252FAbout.aspx
     

物理路径      D:\ Visual Studio workplace \ WebApplication4 \ WebApplication4 \ Account \ Login

建议的解决方法是更改​​maxquerystring,所以我将其作为here。然后错误改变了

  

异常详细信息:System.Web.HttpException:此请求的查询字符串长度超过配置的maxQueryStringLength值。

对我来说,它看起来像是一个无限循环。你能告诉我为什么第一个错误提到/ account / login这个项目是默认的吗?在这种情况下,还有什么解决方案?

我正在使用VS2015和IIS Express。

2 个答案:

答案 0 :(得分:0)

当您选择&#34;个人用户帐户&#34;在项目创建期间,您要设置身份验证以使用ASP.Net Identity,这是一个与表单身份验证完全不同的系统。

你不想混合它们,使用其中一种。但请注意,Forms Auth现在的安全性远低于Identity,它基本上会在您的网站中设置现代令牌服务器。

答案 1 :(得分:0)

我已经看过多次发布同样的错误,因为我自己也遇到了同样的问题,并且所有答案都没有帮助我,直到我找到问题的真正解决方案。 最初的问题是:  &#34;我创建了新项目&gt; ASP.NET Web应用程序......&#34;它说他改变了web.config文件。 确实存在一个无限循环,因为web.config被设置为拒绝任何未经身份验证的用户访问包含登录页面本身的站点的每个页面!这导致了循环。 为了避免无限循环,应该至少授予对登录页面的访问权限。我做了这个,将另一个web.config文件放在我的登录页面所在的文件夹中,并在其中包含以下代码:

<?xml version="1.0" encoding="utf-8"?>
  <configuration>
    <system.web>
       <authorization>
          <allow users="?"/>
       </authorization>
    </system.web>
  </configuration>

这允许对文件夹内的所有页面进行未经授权的访问,因此请务必将您的登录页面放在那里。这就是所有页面。

编辑:重要的是说这种方法正在使用表单身份验证。

相关问题
最新问题