I have a problem with a login function that is called by ajax , that's the code of the function it's a webservice visible
[WebMethod]
[System.Web.Script.Services.ScriptMethod]
public string CheckData(string login, string Pass)
{
global gb = new global();
if (gb.CheckUserExist(login, Pass))
{
System.Web.Security.FormsAuthentication.RedirectFromLoginPage(login, true);
HttpCookie cookie = new HttpCookie("userData",login);
cookie.Expires = DateTime.Now.AddMonths(2);
Mosab2aModel.Mosab2aEntities context = new Mosab2aModel.Mosab2aEntities();
var User = context.Users.Where(x => x.UserName == login && x.Password == Pass)
.Select(x => new { x.UserName, x.Password, x.Admin, x.DisplayName, x.FBID }).First();
cookie["UserName"] = User.UserName;
cookie["Password"] = User.Password;
cookie["isAdmin"] = User.Admin.ToString();
cookie["Name"] = User.DisplayName;
cookie["FBID"] = User.FBID;
Context.Response.Cookies.Add(cookie);
//Context.Response.Redirect("/Default.aspx");
return "1";
}
else
{
return "0";
}
}
I call it by ajax here
$.ajax({
type: "POST",
url: 'LoginService.asmx/CheckData',
data: "{'login':'"+ login +"','Pass':'"+pass +"'}",
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function(msg)
{
if (msg.d == "1")
{
//document.location.href = '/Default.aspx';
}
else
{
formWrapper.clearMessages();
displayError('Username or password is incorrect');
}
},
error: function()
{
formWrapper.clearMessages();
displayError('Error in contacting server , try again later.');
}
});
I have a strange problem if the user doesn't exist , the function works well and it return the value of 0 and the error diplays , but If the function found the user it get an 401 error Unauthorized.
edit: after several search the problem is with this line !
System.Web.Security.FormsAuthentication.RedirectFromLoginPage(login, true);
乍一看,似乎已通过身份验证的用户对ReturnURL(或默认URL)指定的页面没有适当的权限。
通过允许公共访问Web服务解决了问题,通过web.config运行安全模型时默认情况下拒绝该问题。谢谢。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.