ASP.NET 基于角色的访问
我有以下网站结构:
我希望这样做是拒绝任何不' t 具有 RegisteredUser 角色的登录用户,但在 Reset.aspx 和 Validation.aspx 上,它允许任何人(已登录-或不)访问,但是现在情况并非如此。
不是 RegisteredUser 的每个人都无法访问这两个页面,我做错了什么?
更新 即使这样也行不通:
<?xml version="1.0"?>
<configuration>
<location path="Reset.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="Validation.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
</configuration>
这没有任何意义,这不是应该是系统默认的吗?
I have the following site structure:
What I'd expect this to do was to deny anyone who isn't a logged-in user with the RegisteredUser role, except on Reset.aspx and Validation.aspx, where it would allow anyone (logged-in or not) to access, but this isn't the case right now.
Everyone who isn't a RegisteredUser isn't able to access these two pages, what am I doing wrong?
Update Even this won't work:
<?xml version="1.0"?>
<configuration>
<location path="Reset.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="Validation.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
</configuration>
It doesn't make any sense, isn't this supposed to be the system default?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您不需要映射路径,只需映射文件名:
You do not need to map paths, only file names: