In web. config:
<Authentication>
Format:
<Authentication mode = "Forms"> // I. windows: IIS authentication method II. forms: form-based authentication method III. passport: uses the Passport cookie Authentication Mode IV. none: no verification method is used.
<Forms name = ". ASPXUSERDEMO" loginUrl = "Login. aspx" protection = "All" timeout = "30" defaultUrl = "default. aspx"/>
// I. name: Specifies the Name of the Http cookie that completes authentication. II. loginUrl: If the page URL is redirected after verification is not passed or timeout, it is generally the login page, and the user is asked to log on again III. protection: Specifies the cookie data Protection method [. all indicates data encryption and verification of validity. none indicates that the Cookie is not protected. c. encryption indicates that the Cookie content is encrypted d. validation indicates the validity of the Cookie content]. IV. timeOut: Specifies the Cookie expiration time. you need to log on again after the timeout.
</Authentication>
<Authorization>
<Deny users = "? "/> // If this parameter is set to *, all users whose packets have passed verification work.
</Authorization>
Login. aspx:
FormsAuthentication. RedirectFromLoginPage (userid, false); // locate the previous page
Response. Redirect ("zzz. aspx ");
// RedirectFromLoginPage encapsulates the login information to be transferred. It must be transmitted only when mode = "Forms", and Response. Redirect is used for page conversion.
// The value is Page. User. Identity. Name [where userid is stored].
// Difference from GetRedirectUrl: the latter stores the location defined in defaultUrl = "default. aspx"
Methods for clearing forms authentication:
FormsAuthentication. SignOut ();
Reprinted from: http://hi.baidu.com/yfqsdie/item/36338cbe7df31ca0ebba9331