In each ASP. NET applicationProgram. Select website-> ASP. NET configuration to add the required roles and users. In this case, the loginview control can be used to easily implement access permissions.
1) page-level Configuration authorization includes the following statements in the web. config file:
<System. Web>
<Authoization>
<Deny users = "*"/>
<Authorization>
<. System. Web>
<Location Path = "Admin. aspx">
<System. Web>
<Authorization>
<Allow roles = "reporter, owner, Administrator"/>
</Authorization>
<System. Web>
<Location>
(2) control page visibility
This is implemented through the Web. sitemap file.
<Sitemapnode Title = "Administration" url = "admin/admin. aspx"
Roles = "reporter, owner, Administrator">
(3) process roles through programming. For example, the following section describes how to handle discounts for store members.
(1 ),
Public double memberdiscount
{
Get
{
If (httpcontext. Current. User. isinrole ("fanclubmember "))
{
Return (this. Subtotal * memberdiscountpercentage );
}
}
}
The isinrole () method uses the role name for input testing.
(2 ),
If (context. User. isinrole ("fanclubmember "))
{
Subtotallabel. Text = string. Format ("Sub-total: {0, 35: c}", profile. Cart. Subtotal );
Memberdiscount. Text = string. Format ("member discount: {0: c}", profile. Cart. memberdiscount );
Discountpanel. Visible = true;
(4) enable the user configuration file
}
Experience:
- Displays or hides resources to selected users.
- Different page content is displayed based on the user roles on the view page.
- The link pointing to the selected page is displayed, and the user is reminded to pay attention to authorization.
- Stores more user information in the user's configuration file.
- Different types of data are stored in the user's configuration file, including users' preferences on the site topic.