为网站添加安全机制，windows与Form验证

楼主^#

更多发布于：2013-01-13 00:33

[] 1


	--------web.config-------------- <!--基于Windows的身份认证--> <configuration> <system.web> <authentication mode="Windows"></authentication> <authorization> <!--除了匿名之外别人都可以--> <deny users="?"/> <allow users=""/> <!-- 授权，除了Test这个匿名，别人都可以--> <deny users="?"/> <deny users="Test"/> <allow users=""/> </authorization> <compilation debug="true" targetFramework="4.0" /> </system.web> </configuration> <!--基于Froms的身份认证--> <configuration> <system.web> <authentication mode="Forms"> <!--loginUrl登录时的那个页面（所有的用户都从登录这个页面进入网站，别的地方不让进）给Cookie加密protection --> <forms loginUrl="login.aspx" timeout="2880" name="aaa" protection="Encryption"/> </authentication> <!--授权--> <authorization> <deny users="?"/> <allow users="*"/> </authorization> <compilation debug="true" targetFramework="4.0" /> </system.web> <!--在images文件夹下的图片是可以被访问的--> <location path="images"> <system.web> <authorization> <allow users="?"/> </authorization> </system.web> </location> <!--在subPages文件夹下的子页是可以被访问的--> <location path="subpages"> <system.web> <authorization> <allow users="?"/> </authorization> </system.web> </location> </configuration> ----------registor.aspx----------- <body> <form id="form1" runat="server"> <div> 注册页…… </div> </form> </body> -----------default1.aspx------------ <body> <form id="form1" runat="server"> <div> default1页……………… </div> </form> </body> ---------------Login.aspx-------------------- <body> <form id="form1" runat="server"> <div> <asp:TextBox ID="TextBox1" runat="server"></asp:TextBox> <asp:TextBox ID="TextBox2" runat="server"></asp:TextBox> <asp:Button ID="Button1" runat="server" Text="Button" Xonclick="Button1_Click" /> <br /> <br /> <img src="images/1.gif" /> www.atcpu.com <br /> <asp:Login ID="LoginControl" runat="server"> </asp:Login> </div> </form> </body> --------------Login.aspx.cs----------------------- protected void Button1_Click(object sender, EventArgs e) { if (this.TextBox1.Text == "admin" ;; this.TextBox2.Text == "123") { //from授权， FormsAuthentication.SetAuthCookie(this.TextBox1.Text, false); } }