1. 首页
  2. 问答
  3. Asp.Net否认在某些页面访问用户

Asp.Net否认在某些页面访问用户

2009-08-28 48 views
4

我如何允许访问我的web应用程序给用户,但拒绝他们访问特定网页?我想允许更多的用途使用我创建的应用程序,但有一些我不希望它们能够访问的页面。Asp.Net否认在某些页面访问用户

下面是我在Web.config现在。

<authorization> 
     <allow roles="COMPANY\User_1"/> 
     <allow roles="COMPANY\User_2"/> 
     <allow roles="COMPANY\User_3"/> 

     <deny users="*"/> 
    </authorization>

=========================================== ========================================= 下面是我在标签

<system.web> 
     <!-- 
      Set compilation debug="true" to insert debugging 
      symbols into the compiled page. Because this 
      affects performance, set this value to true only 
      during development. 
     --> 
     <customErrors mode="Off"/> 
     <compilation debug="true"> 
      <assemblies> 
       <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> 
       <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> 
       <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> 
       <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> 
       <add assembly="System.Data.OracleClient, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> 
       <add assembly="System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> 
       <add assembly="System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> 
       <add assembly="Microsoft.SqlServer.ConnectionInfo, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91"/> 
       <add assembly="Microsoft.SqlServer.Smo, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91"/> 
       <add assembly="Microsoft.SqlServer.SmoEnum, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91"/> 
       <add assembly="Microsoft.SqlServer.SqlEnum, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91"/></assemblies> 
     </compilation> 
     <!-- 
      The <authentication> section enables configuration 
      of the security authentication mode used by 
      ASP.NET to identify an incoming user. 
     --> 
     <authentication mode="Windows"/> 





    <authorization> 
     <allow roles="COMPANY\User_1"/> 
     <allow roles="COMPANY\User_2"/> 
     <allow roles="COMPANY\User_3"/> 

     <deny users="*"/> 
    </authorization> 



     <identity impersonate="true" userName="COMPANY\User_1" password="password"/> 
     <!-- 
      The <customErrors> section enables configuration 
      of what to do if/when an unhandled error occurs 
      during the execution of a request. Specifically, 
      it enables developers to configure html error pages 
      to be displayed in place of a error stack trace. 

     <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> 
      <error statusCode="403" redirect="NoAccess.htm" /> 
      <error statusCode="404" redirect="FileNotFound.htm" /> 
     </customErrors> 
     --> 
     <pages maintainScrollPositionOnPostBack="true"> 
      <controls> 
       <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> 
       <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> 
       <add tagPrefix="asp" namespace="System.Web.UI.DataVisualization.Charting" assembly="System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/> 
      </controls> 
     </pages> 
     <httpHandlers> 
      <remove path="*.asmx" verb="*"/> 
      <add path="*.asmx" verb="*" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> 
      <add path="*_AppService.axd" verb="*" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> 
      <add path="ScriptResource.axd" verb="GET,HEAD" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> 
      <add path="ChartImg.axd" verb="GET,HEAD,POST" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="false"/> 
     </httpHandlers> 
     <httpModules> 
      <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> 
     </httpModules> 
    </system.web>

来源

2009-08-28 FashionHouseJewelry.com

回答

0

该视频不讨论你的选择的一个好工作。也有一些代码:

http://www.asp.net/learn/videos/video-06.aspx

“在本课中,您将了解ASP.NET 2.0的新成员的能力此外,您将了解基于角色的安全性,以及如何使用。角色来控制访问您的网站。“

来源

2009-08-28 19:18:40 MedicineMan

7

您可以使用地理位置标记来控制这种类型的东西。

在这个例子中,我给客户和管理员访问CustomersFolder目录:

<location path="CustomersFolder"> 
    <system.web> 
     <authorization> 
      <allow roles="Customers, Admin"/> 
      <deny users="*"/> 
     </authorization> 
    </system.web> 
</location>

而且与第二块,我则限制文件夹下访问某个文件只是管理员:

<location path="CustomersFolder/SecureFile.aspx"> 
    <system.web> 
     <authorization> 
      <allow roles="Admin"/> 
      <deny users="*"/> 
     </authorization> 
    </system.web> 
</location>

希望这样的事情能为你工作。

来源

2009-08-28 19:18:44

+0

我在标签之间有很多其他的东西。我需要复制它的所有内容吗? – 2009-08-28 20:22:01

+0

你知道,我误解了你的问题。为了看到这个的其他人 - 不,你不必复制整个system.web内容。你应该很好走。 – 2011-04-29 19:53:04

相关问题

 相关问题