表单身份验证问题与排除页面

本文介绍了表单身份验证问题与排除页面的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

问候我已经为我的管理目录使用了表单身份验证，并且我已经排除了我的根Webforms并且我已将其上传到主机上，现在每当我调用域时，它都希望我先进行身份验证。但是如果我调用Domain / index.aspx就可以了。我不知道如何解决这个问题。

我尝试过：

Greetings i've used Form Authentication for my Admin Directory and i've excluded my root Webforms and i've uploaded it on Host, now whenever i call the domain, it wants me to Authenticate first. but if i call Domain/index.aspx for example it works. i dont know how to fix this issue.

What I have tried:

<system.web>
    <machineKey validationKey="74222414ADCEF7AD77EBDDEEF79D2ED08F23BBA5BE82154DF47135ACF39F60F29CFA095BE6B707799DF70A53BFA4B43D336789D552DBC4D9542C6F97DFC12256" decryptionKey="25D197E2D9E761C61CAB460F3F67936FF569394BDB7C48C6B02DB2C71B306EA0" validation="SHA1" decryption="AES" />
    <pages validateRequest="false" />
    <!--<customErrors mode="On">
        <error statusCode="404" redirect="~/error/default.html" />
      </customErrors>-->
    <authentication mode="Forms">
      <forms name="MyAppCookie" loginUrl="~/Admin/Login.aspx" protection="All" timeout="120" defaultUrl="~/Admin/Default.aspx" />
    </authentication>
    <authorization>
      <deny users="?" />
      <allow users="*" />
    </authorization>
  </system.web>
  <location path="Index.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

  <location path="Contactus.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

  <location path="Blogdetails.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
  <location path="Blog.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
  <location path="Aboutus.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

推荐答案

<system.web>
    <machineKey ... />
    <pages validateRequest="false" />
    <authentication mode="Forms">
      <forms name="MyAppCookie" loginUrl="~/Admin/Login.aspx" protection="All" timeout="120" defaultUrl="~/Admin/Default.aspx" />
    </authentication>

    <!-- NB: Remove the <authorization> element here... -->
</system.web>

<!-- Now deny anonymous access to any pages / folders you want to protect: -->
<location path="admin">
    <system.web>
        <authorization>
            <deny users="?" />
            <allow users="*" />
        </authorization>
    </system.web>
</location>

对于文件夹，您还可以使用授权规则在文件夹中创建 web.config 文件，不使用location元素：

For folders, you could also create a web.config file within the folder with the authorization rules, without using the location element:

<!-- /admin/web.config -->
<configuration>
    <system.web>
        <authorization>
            <deny users="?" />
            <allow users="*" />
        </authorization>
    </system.web>
</configuration>

注意：您应该从不将< machineKey> 详细信息发布到公共论坛。这些是私人加密密钥，允许任何人入侵您的网站。您应该尽快更改这些密钥！

NB: You should never post your <machineKey> details to a public forum. Those are private encryption keys, which would allow anyone to hack into your site. You should change those keys ASAP!

这篇关于表单身份验证问题与排除页面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！