堆栈内存溢出
  简体   繁体   English

奇怪的ASP.NET表单身份验证问题

[英]Strange ASP.NET Forms Authentication Issue

 原文  2012-12-20 13:07:53       c#/ asp.net/ authentication/ login/ forms-authentication

问题描述

On my default.aspx is a login page : 在我的default.aspx上是一个登录页面:

Default.aspx : Default.aspx: 

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="Portal.Default"
    MasterPageFile="Portal.Master" Title="Login" %>

<asp:Content runat="server" ContentPlaceHolderID="MainContentPlaceHolder">
    <div class="block" id="login">
        <h2>Login</h2>
        <asp:Label style="top: 15px;left: 11px" runat="server" Text="User Name :" CssClass="label" />
        <asp:TextBox ID="txtLoginUserName" Style="top: 15px;left: 17px; width:100px" runat="server"  CssClass="textbox" />
        <asp:Label style="top: 20px;left: 19px;" runat="server" Text="Password :" CssClass="label" />
        <asp:TextBox ID="txtLoginPassword" Style="top: 20px;left: 25px; width:100px;"  runat="server" TextMode="Password" CssClass="textbox" />
        <asp:Button ID="btnLogin" Style="top:30px;left: 91px" CssClass="button" runat="server" Text="Login" OnClick="BtnSubmitClick" />
    </div>
</asp:Content>

Code behind : 后面的代码: 

using System;
using System.Linq;
using System.Web.Security;

namespace Portal
{
    public partial class Default : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            Page.Form.DefaultFocus = txtLoginUserName.ClientID;
        }

        protected void BtnSubmitClick(object sender, EventArgs e)
        {
            using (var db = new DbContext())
            {
                if (db.Users.Any(x => x.Username == txtLoginUserName.Text && x.Password == txtLoginPassword.Text))
                {
                    FormsAuthentication.RedirectFromLoginPage(txtLoginUserName.Text, true);
                }
                else
                {
                    ClientScript.RegisterStartupScript(GetType(), "myalert", "alert('* invalid credentials, please try again');", true);
                }
            }
        }
    }
}

Web.Config : Web.Config: 

<?xml version="1.0" encoding="utf-8"?>
<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->
<configuration>

  <location path="default.aspx">
    <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>
  </location>

  <location path="Styles">
    <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>
  </location>

  <location path="Console.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

  <location path="Options.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

  <system.web>

    <authorization>
      <deny users="?" />
    </authorization>

    <authentication mode="Forms">
      <forms name="Portal" loginUrl="default.aspx" defaultUrl="console.aspx" />
    </authentication>

    ...

  </system.web>

</configuration>

The problem is when I go to my website, instead of http://www.myhostname.com/default.aspx it takes me to http://myhostname.com/default.aspx?ReturnUrl=%2f which is strange, so I type in the username and password, hit login... and everything goes blank... the url changes to http://www.myhostname.com and I type everything a 2nd time... after which it logs in... and goes to console.aspx 问题是,当我进入网站而不是http://www.myhostname.com/default.aspx ,将我带到http://myhostname.com/default.aspx?ReturnUrl=%2f ,这很奇怪,因此我输入用户名和密码,单击登录...,然后一切变为空白... URL更改为http://www.myhostname.com ,第二次输入所有内容...之后登录。然后转到console.aspx

Why is it doing that? 为什么这样做呢?

2 个解决方案

解决方案1
 0  2012-12-20 13:40:56

As specified here 如此处指定

http://msdn.microsoft.com/en-US/library/s09bfdt2(v=vs.80).aspx http://msdn.microsoft.com/zh-CN/library/s09bfdt2(v=vs.80).aspx 

FormsAuthentication.RedirectFromLoginPage

Redirects an authenticated user back to the originally requested URL or the default URL. 将经过身份验证的用户重定向回原始请求的URL或默认URL。 

ReturnUrl=%2f

for your first login and the default url for the second 第一次登录,第二次登录的默认网址

解决方案2
 0 已采纳  2012-12-20 14:49:08

I solved the issue thus: 我这样解决了这个问题:

  1. Renamed default.aspx to login.aspx and updated all refs. 将default.aspx重命名为login.aspx并更新了所有引用。
  2. Renamed the console.aspx as default.aspx and updated all refs. 将console.aspx重命名为default.aspx并更新了所有引用。

Now I changed the web.config to look much simpler like so : 现在,我将web.config更改为看起来更简单: 

<?xml version="1.0"?>
<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->
<configuration>
  <system.web>

    <authorization>
      <deny users="?"/>
    </authorization>

    <authentication mode="Forms">
    </authentication>

    ...

  </system.web>  
</configuration>

Now it works on the first login, and I am well happy with all that simplification :D 现在,它可以在首次登录时使用,对于所有的简化我都很满意:D

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 ASP.Net Forms身份验证提供程序问题 - ASP.Net Forms authentication provider issue ASP.NET Forms身份验证 - 记住我的问题 - ASP.NET Forms Authentication - Remember Me issue ASP.Net中的两个基本表单身份验证问题 - two basic Forms authentication issue in ASP.Net ASP.NET表单身份验证和Windows身份验证 - ASP.NET Forms Authentication and Windows Authentication 自定义ASP.NET MVC表单身份验证 - Custom ASP.NET MVC Forms Authentication ASP.NET MVC + Silverlight +表单身份验证 - ASP.NET MVC + Silverlight + Forms Authentication ASP.NET Forms身份验证到期 - ASP.NET Forms Authentication Expiry 表单身份验证asp.net mvc无法进行身份验证 - Forms authentication asp.net mvc not authenticating Asp.Net表单与子域的身份验证 - Asp.Net Forms Authentication with Subdomains ASP.NET窗体身份验证漏洞 - ASP.NET Forms Authentication Vulnerabilities
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM