Register.aspx将匿名用户重定向到“登录”页面

Question

I'm using asp.net Identity 2, In web.config under Account folder I have the following

<location path="Register.aspx">
    <system.web>
        <authorization>
            <allow users="*"/>
        </authorization>
    </system.web>
</location>
<system.web>
   <authorization>
       <deny users="?" />
   </authorization>
</system.web>

The problem is that when I try to access the register.aspx it redirects me to the login page. I need unauthorized users to be able to access the registration page

Answer 1

You could use the allowOverride on a location to set the global deny authorization:

<location path="Register.aspx">
    <system.web>
        <authorization>
            <allow users="*"/>
        </authorization>
    </system.web>
</location>
<location allowOverride="true">
    <system.web>
        <authorization>
            <deny users="?"/>
        </authorization>
    </system.web>
</location>

This will handle your redirect issue on Register, but will leave you having to make additional exceptions for your assets, such as images, scripts, and styles.

As an alternative approach, I find it easier trying to avoid having to manage massive lists of these location tags by leaving authorization to be done by directory. Maybe it makes sense to leave the shared assets and non-secured pages off the root level like this and put your secured pages in different subfolders you secure through web.configs inside those folders.

Project
/images/...
/styles/...
/secured/account.aspx
/secured/web.config (this is where you'd have your `deny` authorization)
/Register.aspx
/web.config (use allow all users at this level)

Now you can easily manage which users access which files, and it's much cleaner.