This time the system contains two subsystems, so a sub-role of the authentication system.
Web. config <system.web> settings
<authentication mode="Forms"> <!--verification method for form verification--<forms Name=". Aspxauth"Loginurl="~/login.aspx"protection=" All"timeout=" -"Path="/"></forms> </authentication> <authorization> <allow users="?"/> <!--root page is accessible by default for all users-</authorization>
Outside add
<!--set access permissions for the admin directory--<location path="admin/default.aspx"> <system.web> <authorization> <!--allow users with role admin access to <allow roles="Admin"/> <!--deny access to all other users-<deny users="*"/> <!--Note that the order of the two sentences cannot be changed--</authorization> </system.web> </location> <!--settings in Dex Directory access Rights-<location path="index/default.aspx"> <system.web> <authorization> <!--allow users with Stu to have access to <allow roles="Stu"/> <!--deny access to all other users-<deny users="*"/> <!--Note that the order of the two sentences cannot be changed--</authorization> </system.web> </location>
Login.aspx page after authentication passed
//Create an authentication ticketFormsAuthenticationTicket ticket =NewFormsAuthenticationTicket (1, UserName, DateTime.Now, DateTime.Now.AddMinutes ( -),false, userrole); //Encrypt the authentication ticket stringEncrticket =Formsauthentication.encrypt (ticket); //Create a cookieHttpCookie MyCookie =NewHttpCookie (Formsauthentication.formscookiename, Encrticket); //write a cookie to the clientResponse.Cookies.Add (MyCookie); //jump to the initial request page or the default pageResponse.Redirect (Formsauthentication.getredirecturl (UserName,false));
Golbal adding code to the global application
voidApplication_AuthenticateRequest (Objectsender, EventArgs e) { //Determines whether the authentication information for the user who is requesting the page is empty if(HttpContext.Current.User! =NULL) { //determine if the user has authenticated if(HttpContext.Current.User.Identity.IsAuthenticated) {//determine whether the current user authentication method is forms authentication if(HttpContext.Current.User.Identity isformsidentity) { //get the user ID for Forms authenticationFormsIdentity userident =(formsidentity) (HttpContext.Current.User.Identity); //obtaining user data from the authentication ticketFormsAuthenticationTicket ticket =Userident.ticket; stringUserData =ticket. UserData; //string UserData = UserIdent.Ticket.UserData; //segmenting user data to get an array of user roles string[] rolues = Userdata.split (','); //Initialize the GenericPrincipal class from the user identity and role groupHttpContext.Current.User =NewSystem.Security.Principal.GenericPrincipal (userident, rolues); } } } }
Set page jumps after authentication settings are complete
Add code to the default page
FormsIdentity id =(formsidentity) HttpContext.Current.User.Identity; if(ID. Ticket.UserData.Contains ("Admin")) { //Skip to error page with insufficient access rightsResponse.Redirect ("~/admin/default.aspx",true); } Else if(ID. Ticket.UserData.Contains ("Stu") {Response.Redirect ("~/index/default.aspx",true); } ElseResponse.Redirect ("~/login.aspx",true);
This completes the entire authentication.
No problem running on VS, post to IIS error Unable to cast an object of type "System.Security.Principal.GenericIdentity" to type " System.Web.Security.FormsIdentity ".
Find information:
1. Change the managed pipeline mode of the site application pool from "integrated" to "classic"
2. The site "handler mapping" adds the ". aspx" request path to the executable file "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll", or change the status of 4.0 in ISAPI to a usable state
The above Netizen successfully solves the problem the method in I this all does not have ...
Login.aspx,golbal.asax,default.aspx, the code has been adjusted countless times, the various methods are not valid.
=============================================================================================================== ====
Whim to change the IP address to 192.127.1.8080/login.aspx,。。。 OK, finally do not report the wrong interface.
An error message indicates that an object of type ' System.Security.Principal.GenericIdentity cannot be cast to type ' System.Web.Security.FormsIdentity ' and authentication is out of order. Always assumed that IIS had special settings for role authentication, but the default document was not set correctly when it was last discovered.
Use The default Documents feature page to configure a list of default documents. If a user accesses your Web site or application, but does not specify a document name, you can configure IIS to provide a default document, such as Default.htm. IIS returns the first default document in the list that matches the file name in the directory.
My landing page is Login.aspx,iis search return default.aspx. Default.aspx page with a line of code
FormsIdentity id = (formsidentity) HttpContext.Current.User.Identity;
(formsidentity) HttpContext.Current.User.Identity; FormsIdentity in indicates "a user identity that uses forms authentication for authentication", 192.127.1.8080 request to send skips the authentication interface. So the error.
FIX: "Add" login.aspx in default document
(You need to add the login default document every time the site is published, so you want to navigate to the login page in the code, but found that whether you set a jump on the default page or add settings to the Golbal page, you will get an error, you must add the login page to authenticate first )
An object of type ' System.Security.Principal.GenericIdentity cannot be cast to type ' System.Web.Security.FormsIdentity '.