错误404.15查询字符串访问帐户/登录时间过长

时间:2019-01-08 07:22:32

标签: c# asp.net asp.net-identity

我正在将ASP.Net Web表单应用程序从“成员资格”转移到“身份”。通常,一切正常,但是当我注销后尝试进入登录页面时,出现错误404.15查询字符串太长的情况。似乎有些东西在反复添加返回网址。

https://localhost:44350/Account/Login?ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252FAccount%252FLogin%253FReturnUrl%253D%25252FAccount%25252FLogin%25253FReturnUrl%25253D%2525252FAccount%2525252FLogin%2525253FReturnUrl%2525253D%252525252FAccount%252525252FLogin%252525253FReturnUrl%252525253D%25252525252FAccount%25252525252FLogin%25252525253FReturnUrl%25252525253D%2525252525252FAccount%2525252525252FLogin%2525252525253FReturnUrl%2525252525253D%252525252525252FAccount%252525252525252FLogin%252525252525253FReturnUrl%252525252525253D%25252525252525252FAccount%25252525252525252FLogin%25252525252525253FReturnUrl%25252525252525253D%2525252525252525252FAccount%2525252525252525252FLogin%2525252525252525253FReturnUrl%2525252525252525253D%252525252525252525252FAccount%252525252525252525252FLogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252FAccount%25252525252525252525252FLogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252FAccount%2525252525252525252525252FLogin%2525252525252525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252FAccount%252525252525252525252525252FLogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252FAccount%25252525252525252525252525252FLogin%25252525252525252525252525253FReturnUrl%25252525252525252525252525253D%2525252525252525252525252525252FAccount%2525252525252525252525252525252FLogin%2525252525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252FAccount%252525252525252525252525252525252FLogin%252525252525252525252525252525253FReturnUrl%252525252525252525252525252525253D%25252525252525252525252525252525252FAccount%25252525252525252525252525252525252FLogin%25252525252525252525252525252525253FReturnUrl%25252525252525252525252525252525253D%2525252525252525252525252525252525252FAccount%2525252525252525252525252525252525252FLogin%2525252525252525252525252525252525253FReturnUrl%2525252525252525252525252525252525253D%252525252525252525252525252525252525252FAccount%252525252525252525252525252525252525252FLogin

在Account文件夹中,web.config中包含以下内容

<?xml version="1.0"?>
<configuration>

    <location path="Login.aspx">
        <system.web>
            <authorization>
                <allow users="*"/>
            </authorization>
        </system.web>
    </location>


    <system.web>
        <authorization>
            <deny users="?"/>
        </authorization>
    </system.web>

</configuration>

当我将其更改为仅拒绝访问特定页面而不允许访问特定页面时,我看不到此问题,但是该应用程序的菜单开始显示匿名用户的帐户管理。

有人对如何解决此问题有任何建议吗?

1 个答案:

答案 0 :(得分:0)

我不得不做一些事情来解决这个问题。首先,为了消除404.15错误,我更新了帐户文件夹的web.config文件,以仅拒绝匿名用户访问某些页面,而不是拒绝匿名用户访问帐户文件夹并允许在需要时访问已知用户。那是

<?xml version="1.0"?>
<configuration>

    <location path="Profile.aspx">
        <system.web>
            <authorization>
                <deny users="?"/>
            </authorization>
        </system.web>
    </location>

</configuration>

进行此更改后,以前没有显示匿名用户的菜单项PROFILE。为了解决该问题,我现在使用从站点地图构建的两个不同菜单。一个用于匿名用户,另一个用于经过身份验证的用户。

匿名用户的网站地图:

<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
    <siteMapNode title="ROOT" description="Root" roles="*">
        <siteMapNode title="HOME" description="Home" roles="*" url="~/" />
        <siteMapNode title="FORUM" description="Forum" roles="*" url="~/forum/" />
        <siteMapNode title="ABOUT" description="About" roles="*" url="~/About" />
    </siteMapNode>
</siteMap>

经过身份验证的用户的站点地图:

<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
    <siteMapNode title="ROOT" description="Root" roles="*">
        <siteMapNode title="HOME" description="Home" roles="*" url="~/" />
        <siteMapNode title="PROFILE" description="Profile" roles="*" url="~/Account/Profile" />
        <siteMapNode title="FORUM" description="Forum" roles="*" url="~/forum/" />
        <siteMapNode title="ABOUT" description="About" roles="*" url="~/About" />
        <siteMapNode title="ADMIN" description="Admin" roles="Administrator" url="~/Admin/Admin" />
    </siteMapNode>
</siteMap>

从那里,我将两个站点地图都添加到了web.config文件中:

<system.web>
  <siteMap defaultProvider="MenuSiteMapProvider" enabled="true">
      <providers>
          <add name="MenuSiteMapProvider" description="Default Site Map Provider" type="System.Web.XmlSiteMapProvider" siteMapFile="Menu.sitemap" securityTrimmingEnabled="true" />
          <add name="MemberSiteMapProvider" description="Member Site Map Provider" type="System.Web.XmlSiteMapProvider" siteMapFile="Member.sitemap" securityTrimmingEnabled="true" />
      </providers>
  </siteMap>
</system.web>

最后,我更新了网站的主页,以对匿名或已验证用户使用正确的菜单:

Microsoft.Owin.Security.IAuthenticationManager authManager = Request.GetOwinContext().Authentication;
System.Security.Claims.ClaimsPrincipal authUser = authManager.User;
var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();
var user = manager.FindById(authUser.Identity.GetUserId<long>());

MenuSiteMap.Provider = SiteMap.Providers[user == null ? "MenuSiteMapProvider" : "MemberSiteMapProvider"];