问题描述

我使用C＃和ASP.NET。
我的网站上具有以下文件结构：

Im using C# and ASP.NET.I have this file structure on my website:

~\Admin\SecuredFolder\ManageWebsite.aspx
~\Admin\Login.aspx
~\Homepage.aspx

我要实现的目标非常简单，但我想直到现在我的所有尝试都变得太复杂了，我有点困惑。

What i'm trying to achieve is pretty much simple but i guess all my attempts till now turned out too complex and i'm kinda confused.

我的目标：

• Homepage.aspx 和 Login.aspx 应该对所有人公开（匿名用户）


• SecuredFolder 应该仅适用于登录用户（即：管理员用户）。尝试访问此文件夹中的任何页面（不进行记录）的人都应重定向到登录页面。


• 登录成功后，将成功重定向到 ManageWebsite.aspx

• Homepage.aspx and Login.aspx should be public for all (anonymous users)
• SecuredFolder should be for logged users ONLY (ie: admin users). Whoever attempt to access any page in this folder (without being logged) should be redirected to login page.
• Once login succeeds it will successfully redirect to ManageWebsite.aspx

我知道这应该是一个简单的实现，但是我觉得我还没有适当地内部化它。

I know this supposed to be a simple implementation but i feel like I have not internalized it properly yet.

希望任何人都可以为我提供示例。

Hope any of you could provide me an example.

推荐答案

将此Webconfig放入securefolder 〜\Admin\SecuredFolder\

Put this webconfig in securedfolder ~\Admin\SecuredFolder\

<?xml version="1.0"?>
<configuration>

  <system.web>
    <authorization>
      <allow roles="admin" />
      <deny users="?"/>
    </authorization>
  </system.web>

</configuration>

将此内容放入根文件夹〜\

put this in webconfig of root folder ~\

 <authentication mode="Forms">
      <forms loginUrl="~/Admin/Login.aspx" timeout="2880" />
    </authentication>
  <location>
    <system.web>
      <authorization>

        <allow users="*"/>

      </authorization>
    </system.web>
  </location>