[英]Redirecting user to login page if not authenticated
I am using the simple authentication thing.,,.. 我正在使用简单的身份验证。,, ..
Using this in config file.... 在配置文件中使用它....
<authentication mode="Forms">
<forms name=".COOKIE" loginUrl="login.aspx" protection="All" path="/" timeout="480"/>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
The user who is not logged in should be sent back to login.aspx. 未登录的用户应该发送回login.aspx。 BUT currently it is not happening.
但目前还没有发生。 User is able to go to any page.
用户可以转到任何页面。 While it is working well in my local but not working on server.
虽然它在我的本地运行良好,但没有在服务器上工作。 What is the thing which I am missing...
我错过了什么......
Still seeking for the answer...... 还在寻找答案......
Couple of things to try: 有几件事要尝试:
<allow users="*"/>
<allow users="*"/>
Seems like the config is all right. 似乎配置是可以的。 You might check if the machine.config or the IIS ASP.NET settings are overriding the Web.config you're using.
您可以检查machine.config或IIS ASP.NET设置是否覆盖了您正在使用的Web.config。
Make sure the FormsAuthentication
module is added to the httpMdules
collection. 确保将
FormsAuthentication
模块添加到httpMdules
集合中。 You might try to add it your self in your web.config
, in case it has been removed from machine.config
. 您可以尝试在
web.config
添加它自己,以防它从machine.config
删除。 This module is what handles the redirect to what you have specified under authentication/forms
此模块处理重定向到您在
authentication/forms
下指定的内容
I would deny unauthenticated users by default, only make exceptions for the login page and other resources needed. 我默认拒绝未经身份验证的用户,只为登录页面和所需的其他资源设置例外。
Example: 例:
<authorization>
<deny users="?"/>
</authorization>
... ...
<location path="Login.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.