我有2頁:Login.aspx和Satis.aspx。如果身份驗證正確,我將從Login.aspx重定向到Satis.aspx。如果我從滿意登出我重定向到Login.aspx。但是,如果我在web掃描器上編寫satis.aspx'url,則輸入satis.aspx。但是我沒有登錄Satis.aspx。我不應直接輸入Satis.aspx。基於表單的身份驗證問題?
我的web配置:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" name=".ASPXFORMSAUTH" path="/" protection="All">
<credentials>
<user name="a" password="a"></user>
</credentials>
</forms>
</authentication>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
<location path="~/ContentPages/Satis/Satis.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
Login.aspx.cs:
protected void lnkSubmit_Click(object sender, EventArgs e)
{
if(FormsAuthentication.Authenticate(UserEmail.Value,UserPass.Value))
{
FormsAuthentication.RedirectFromLoginPage
(UserEmail.Value, PersistForms.Checked);
}
else
Msg.Text = "Invalid Credentials: Please try again";
}
Satis.aspx
protected void LogoutSystem_Click(object sender, EventArgs e)
{
FormsAuthentication.SignOut();
Response.Redirect("~/Login/Login.aspx");
}
你知道它的用戶? – programmerist 2010-04-02 07:55:56
請更改您的問題 – Midhat 2010-04-02 07:56:02
您的意思是「換句話」是什麼意思? – programmerist 2010-04-02 08:01:28