1. 首頁
  2. 問答
  3. Asp.Net否認在某些頁面訪問用戶

Asp.Net否認在某些頁面訪問用戶

2009-08-28 51 views
4

我如何允許訪問我的web應用程序給用戶,但拒絕他們訪問特定網頁?我想允許更多的用途使用我創建的應用程序,但有一些我不希望它們能夠訪問的頁面。Asp.Net否認在某些頁面訪問用戶

下面是我在Web.config現在。

<authorization> 
     <allow roles="COMPANY\User_1"/> 
     <allow roles="COMPANY\User_2"/> 
     <allow roles="COMPANY\User_3"/> 

     <deny users="*"/> 
    </authorization>

=========================================== ========================================= 下面是我在標籤

<system.web> 
     <!-- 
      Set compilation debug="true" to insert debugging 
      symbols into the compiled page. Because this 
      affects performance, set this value to true only 
      during development. 
     --> 
     <customErrors mode="Off"/> 
     <compilation debug="true"> 
      <assemblies> 
       <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> 
       <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> 
       <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> 
       <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> 
       <add assembly="System.Data.OracleClient, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> 
       <add assembly="System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> 
       <add assembly="System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> 
       <add assembly="Microsoft.SqlServer.ConnectionInfo, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91"/> 
       <add assembly="Microsoft.SqlServer.Smo, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91"/> 
       <add assembly="Microsoft.SqlServer.SmoEnum, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91"/> 
       <add assembly="Microsoft.SqlServer.SqlEnum, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91"/></assemblies> 
     </compilation> 
     <!-- 
      The <authentication> section enables configuration 
      of the security authentication mode used by 
      ASP.NET to identify an incoming user. 
     --> 
     <authentication mode="Windows"/> 





    <authorization> 
     <allow roles="COMPANY\User_1"/> 
     <allow roles="COMPANY\User_2"/> 
     <allow roles="COMPANY\User_3"/> 

     <deny users="*"/> 
    </authorization> 



     <identity impersonate="true" userName="COMPANY\User_1" password="password"/> 
     <!-- 
      The <customErrors> section enables configuration 
      of what to do if/when an unhandled error occurs 
      during the execution of a request. Specifically, 
      it enables developers to configure html error pages 
      to be displayed in place of a error stack trace. 

     <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> 
      <error statusCode="403" redirect="NoAccess.htm" /> 
      <error statusCode="404" redirect="FileNotFound.htm" /> 
     </customErrors> 
     --> 
     <pages maintainScrollPositionOnPostBack="true"> 
      <controls> 
       <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> 
       <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> 
       <add tagPrefix="asp" namespace="System.Web.UI.DataVisualization.Charting" assembly="System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/> 
      </controls> 
     </pages> 
     <httpHandlers> 
      <remove path="*.asmx" verb="*"/> 
      <add path="*.asmx" verb="*" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> 
      <add path="*_AppService.axd" verb="*" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> 
      <add path="ScriptResource.axd" verb="GET,HEAD" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> 
      <add path="ChartImg.axd" verb="GET,HEAD,POST" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="false"/> 
     </httpHandlers> 
     <httpModules> 
      <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> 
     </httpModules> 
    </system.web>

來源

2009-08-28 FashionHouseJewelry.com

回答

0

該視頻不討論你的選擇的一個好工作。也有一些代碼:

http://www.asp.net/learn/videos/video-06.aspx

「在本課中,您將瞭解ASP.NET 2.0的新成員的能力此外,您將瞭解基於角色的安全性,以及如何使用。角色來控制訪問您的網站。「

來源

2009-08-28 19:18:40 MedicineMan

7

您可以使用地理位置標記來控制這種類型的東西。

在這個例子中,我給客戶和管理員訪問CustomersFolder目錄:

<location path="CustomersFolder"> 
    <system.web> 
     <authorization> 
      <allow roles="Customers, Admin"/> 
      <deny users="*"/> 
     </authorization> 
    </system.web> 
</location>

而且與第二塊,我則限制文件夾下訪問某個文件只是管理員:

<location path="CustomersFolder/SecureFile.aspx"> 
    <system.web> 
     <authorization> 
      <allow roles="Admin"/> 
      <deny users="*"/> 
     </authorization> 
    </system.web> 
</location>

希望這樣的事情能爲你工作。

來源

2009-08-28 19:18:44

+0

我在標籤之間有很多其他的東西。我需要複製它的所有內容嗎? – 2009-08-28 20:22:01

+0

你知道,我誤解了你的問題。爲了看到這個的其他人 - 不,你不必複製整個system.web內容。你應該很好走。 – 2011-04-29 19:53:04

相關問題

 相關問題