forms-authentication

问题 I have an ASP.NET MVC 3 application with forms authentication. For some reason that I cannot see, the login redirect url is /Account/Login?ReturnUrl=%2fSecure%2fAction instead of /Account/LogOn?ReturnUrl=%2fSecure%2fAction . The difference is subtle, its using /Account/ Login instead of /Account/ LogOn . My web.config forms section is correct. Would else could possibly affect the login url?? <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="720" /> </authentication> 回答1

问题 I have an ASP.NET MVC 3 application with forms authentication. For some reason that I cannot see, the login redirect url is /Account/Login?ReturnUrl=%2fSecure%2fAction instead of /Account/LogOn?ReturnUrl=%2fSecure%2fAction . The difference is subtle, its using /Account/ Login instead of /Account/ LogOn . My web.config forms section is correct. Would else could possibly affect the login url?? <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="720" /> </authentication> 回答1

问题 I have enabled form authentication in my ASP.NET MVC web application. I want to allow anonymous users access only to some specific pages, including Register.cshtml for instance. I was able to allow access to my CSS-file from my root web.config by doing this. <location path="Content/Site.css"> <system.web> <authorization> <allow users="*"/> </authorization> </system.web> </location> Now I want to allow anonymous access to other pages, like Home and Register. Do any body know how to achieve

问题 For forms authentication I used this in web.config (note the domain attribute): <authentication mode="Forms"> <forms loginUrl="~/Account/Login" timeout="2880" name=".ASPXAUTH" protection="Validation" path="/" domain=".myserver.dev" /> </authentication> How is a single sign-on across subdomains configured for the new ASP.NET Identity Framework in Mvc 5? More Info: I am creating a multitenant application. Each client will be on a subdomain: client1.myapp.com client2.myapp.com I want a user to

问题 I've read everything on this topic I could find, including MSDN articles and SO posts, but I'm still very lost and confused. Questions Please answer the following (briefly, if possible): What is SimpleMembership/SimpleMembershipProvider ( WebMatrix.WebData ) and what is it/are they responsible for? What is WebSecurity ( WebMatrix.WebData )? What is the Membership ( System.Web.Security ) class? Why does MVC4 create a UserProfile table and a webpages_Membership table? What are they for and what

问题 I'm trying to add simple Authentication and Authorization to an ASP.NET MVC application. I'm just trying to tack on some added functionality to the basic Forms Authentication (due to simplicity and custom database structure) Assuming this is my database structure: User: username password role (ideally some enum. Strings if need be. Currently, user only has ONE role, but this might change) High Level Problem: Given the above database structure, I would like to be able to do the following:

问题 Is it possible to authenticate users across sub-domains when the authentication takes place at a sub-domain instead of the parent domain? For example: User logs into site1.parent.com, and then we need to send them to reporting.parent.com. Can I authenticate them to the reporting site even though the log-in occured at a sub-domain? So far all of the research I have done has users logging into the parent domain first and then each sub-domain has access to the authentication cookie. 回答1: You can

问题 I'm playing around with MVC 4 for the first time to check out what's been changed/added/etc compared to MVC 3. To start off, I created a blank MVC 4 Web Application and started building from scratch. One of the first things that I noticed that is different in MVC 4 is the fact that the following web.config settings have no affect on the accessibility of the web pages: <configuration> <location path=""> <system.web> <authorization> <deny users="?"/> </authorization> </system.web> </location> .

问题 I have this section in the Web.config for my MVC3 application: <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="20" slidingExpiration="true"/> </authentication> Until recently every time the code hit an [Authorize] attribute the LogOn.cshtml page was shown. All of a sudden the redirection takes place to Account/Login (not the 'i' instead of the 'O'!!!) and I get a resource not found exception. I did a Find on the Web.config and could not find the word 'login' anywhere!

问题 I am using forms authentication with Asp.Net 4. At the moment when the users click on logout link, I clear the session and call FormsAuthentication.SignOut() and this prevents the users from going back to the site without a logging in again. Now I want to kill the session when the browser or tab is closed. I tried doing this by handling onbeforeunload event, but I ended up killing the session after clicking any internal links. Any ideas how I can do this? 回答1: The authentication cookies are