<authentication mode="Forms"> <forms name="app" loginUrl="bb.aspx"/> </authentication> <authorization> <deny users="?"/> </authorization>Roles.xml
<?xml version="1.0" encoding="utf-8" ?> <roles> <user name="Bob" roles="Sales" /> <user name="Jane" roles="Supervisor,Sales" /></roles>bb.aspx
private void Button1_Click(object sender, System.EventArgs e)
{
System.Web.Security .FormsAuthentication .RedirectFromLoginPage(this.TextBox1 .Text,false);
}Global.asax
protected void Application_AuthenticateRequest(Object sender, EventArgs e) { string strUserName; XmlDocument objRoles; XmlNode objNode; string strXPath; objRoles = GetRoles(); if ( Context.Request.IsAuthenticated )
{
strUserName = Context.User.Identity.Name; strXPath = string.Format( "user[@name='{0}']", strUserName ); objNode = objRoles.DocumentElement.SelectSingleNode( strXPath ); if (objNode != null) { string[] arrRoles = objNode.Attributes["roles"].Value.Split (new char[] {','}); // 这很重要返回为 string[] 类型,要保证被分割.......
foreach(string s in arrRoles) { this.Response .Write (s+ arrRoles.Length .ToString ());
} Context.User = new GenericPrincipal( Context.User.Identity, arrRoles); } } } XmlDocument GetRoles() { XmlDocument objRoles; objRoles = (XmlDocument)Context.Cache[ "Roles" ]; if ( objRoles == null ) { objRoles = new XmlDocument(); objRoles.Load( Server.MapPath( "Roles.xml" ) ); Context.Cache.Insert( "Roles", objRoles, new CacheDependency( Server.MapPath( "Roles.xml" ) ) ); } return objRoles; }Default.aspx
if ( User.IsInRole( "Sales" ) ) { Response.Write( "You have Sales permissions!" ); // User.Identity .AuthenticationType.ToString (); } if (User.IsInRole ("Supervisor")) { Response.Write( "You have supervisor permissions!" ); }