我正在开发一个基于表单的身份验证的 Web 应用程序。除 AboutUs 和 ContactUs 页面外,所有页面都需要进行身份验证。
除了 AboutUs 和 ContactUs 页面外,我都正确配置了所有内容。由于我在授权部分拒绝所有用户,因此即使客户浏览 AboutUs 和 ContactUs 页面,应用程序也会重定向。
<authentication mode= "Forms">
<forms name=".ASPXAUTH" loginUrl="Login.aspx" timeout="20" protection="All" slidingExpiration="true" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
您能否让我知道如何告诉 asp.net 删除这些页面以进行授权?
谢谢, 马赫什
试试这个:
<system.web>
<authentication mode="Forms" >
<forms loginUrl="login.aspx" name=".ASPNETAUTH"
protection="None" path="/" timeout="20" >
</forms>
</authentication>
<!-- This section denies access to all files in this application except for
those that you have not explicitly specified by using another setting. -->
<authorization>
<deny users="?" />
</authorization>
</system.web>
<!-- This section gives the unauthenticated user access to the AboutUs.aspx page
only. It is located in the same folder as this configuration file. -->
<location path="AboutUs.aspx">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>
<!-- This section gives the unauthenticated user access to the ContactUs.aspx
page only. It is located in the same folder as this configuration file. -->
<location path="ContactUs.aspx">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>