How to configure authentication in Asp.net (C #) to complete form-based authentication

Here comes the dummies again. This lecture applies what I learned. It is up to my personal spirit to bring the teacher into the door, so I will not discuss it in depth. Please advise me more ~

This course uses form-based authentication. In fact, in some cases, the account and password used to verify the identity do not need to exist in the database or configuration file. the authentication node in config plays a major role.

 

The purpose of this course:

Verify the identity of the user and log on to the admin. aspx background management page in the admin folder. Otherwise, anonymous users are prohibited from accessing any file in the admin folder of the project.

 

Step 1:

Add the following to Web. config in the root directory:

<System. Web>

<Authentication mode = "forms">
<Forms loginurl = "login. aspx" defaulturl = "admin/admin. aspx" name = ". aspxformsauth">
</Forms>
</Authentication>

</System. Web>

 Loginurl:Logon page

 Defaurl URL:After a correct logon, the webpage jumps to when no page is directed.

 

Step 2:

Create a web. config file in the admin folder and add the followingCode

<System. Web>
<! -- Reject anonymous users from accessing any files in this directory -->
<Authorization>
<Deny users = "? "/>
</Authorization>
</System. Web> 

 Deny users = "? ": Prohibit anonymous users from accessing any files in the Admin directory.

So far, as long as you access any file under admin, it will automatically jumpLogin. aspxLog on to the page. You must log on first. Otherwise, do not view the page.

 

Step 3:

In the root directory, create the login. aspx login page (not in the Admin directory) and addTwo textbox controlsAndA botton Control, Which areUser Name,Password, AndLogin button

Double-click the login button and write the following in the login method:

Protected void btn_login_click (Object sender, eventargs E)
{
If (textbox1.text = "admin" & textbox2.text = "fenghua17173 ")
{
// "Notification" form verification. The user name has passed identity verification.
Formsauthentication. redirectfromloginpage (textbox1.text, true );
}
Else
{
Response. Write ("<SCRIPT> alert ('account or password is incorrect, Logon Failed! '); </SCRIPT> ");
}
}

OK. Then, you fill in the account and password on the login. ASPX page, and the system will configureDefaurl URLThe address path jumps over, that isAdmin/admin. aspxPage.

Now all the pages under the Admin directory have passed identity authentication and obtained accessible tickets.

Last point:

Please do not forget to log on.Cancel, Which is simpler:

Add a Logout button to any page in the Admin directory and write it in the method:

 

// Exit the system and log out of the user
Protected void btn_logout_click (Object sender, eventargs E)
{
// Delete a User Ticket
Formsauthentication. signout ();

// Redirect to the login page
Formsauthentication. redirecttologinpage ();

}

 

Now you know how to configure authentication to complete form-based authentication.

OK. Today's tutorial is here. The fool's teacher has eaten cucumber and will see you in the next class.