通过XML登录ASP.NET成员资格
[英]ASP.NET membership login by xml
问题描述
I have next xml file 
我有下一个xml文件
<employee>
<User>
<username>master</username>
<password>123</password>
</User>
Next c# file (login.aspx.cs) 下一个C#文件(login.aspx.cs)
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
string username;
string pwd;
string CurrentUser = "";
string CurrentPwd = "";
bool LoginStatus = false;
username = Login1.UserName;
pwd = Login1.Password;
XmlDocument xmxdoc = new XmlDocument();
xmxdoc.Load(Server.MapPath("~/App_Data/Loginxml.xml"));
XmlNodeList xmlnodelist = xmxdoc.GetElementsByTagName("User");
foreach (XmlNode xn in xmlnodelist)
{
XmlNodeList xmlnl = xn.ChildNodes;
foreach (XmlNode xmln in xmlnl)
{
if (xmln.Name == "username")
{
if (xmln.InnerText == username)
{
CurrentUser = username;
}
}
if (xmln.Name == "password")
{
if (xmln.InnerText == pwd)
{
CurrentPwd = pwd;
}
}
}
if ((CurrentUser != "") & (CurrentPwd != ""))
{
LoginStatus = true;
}
}
if (LoginStatus == true)
{
Session["UserAuthentication"] = username;
Session.Timeout = 1;
Response.Redirect("~/admin");
}
else
{
Session["UserAuthentication"] = "";
}
}
Login.aspx : Login.aspx:
<form runat="server">
<div>
<h2 style="color: Green">
Login using Xml file in ASP.NET 4, C#</h2>
<asp:Login DestinationPageUrl="/admin" ID="Login1" runat="server" BackColor="#F7F7DE" BorderColor="#CCCC99" BorderStyle="Solid"
BorderWidth="1px" Font-Names="Verdana" Font-Size="10pt" Height="166px" OnAuthenticate="Login1_Authenticate"
Width="264px" FailureText="Username ans password did not match!">
<TitleTextStyle BackColor="#6B696B" Font-Bold="True" ForeColor="#FFFFFF" />
</asp:Login>
</div>
</form>
The code from next url: http://www.devmanuals.com/tutorials/ms/aspdotnet/loginxml.html 下一个网址中的代码: http : //www.devmanuals.com/tutorials/ms/aspdotnet/loginxml.html
Ok, it works great, its recognize when username & password are corrects, but... i want to block access to folder named "admin", only if someone loged in with "master" username and "123" passowrd, he will be available to get in the admin folder content. 好的,它很好用,可以识别用户名和密码正确的时间,但是...我想阻止对名为“ admin”的文件夹的访问,只有当有人使用“ master”用户名和“ 123” passowrd登录时,他才会可用于获取管理文件夹内容。
I tried to do it by web.config : 我试图通过web.config来做到这一点:
<location path="admin">
<system.web>
<authorization>
<deny users="?" />
<allow users="master"/>
</authorization>
</system.web>
</location>
But nothing.. it redirct me again to login page and not to admin folder default.aspx page. 但是什么都没有。它再次将我重定向到登录页面,而不是管理文件夹default.aspx页面。 What i need to do? 我需要做什么? its via web.config or should i block and grant access via admin folder cs code? 通过web.config还是我应该通过admin文件夹cs代码阻止并授予访问权限? and how. 如何。
1 个解决方案
解决方案1
1 2014-02-03 10:15:41
请参阅: http : //msdn.microsoft.com/zh-cn/library/aa479021.aspx ,然后查找ReadOnlyXmlMembershipProvider
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.