zoukankan      html  css  js  c++  java
  • authentication and excluding .aspx page by routing MVC

    ISSUE:

    For example, one page accessed as:

    {physicalPath}/popup/Page1.aspx
    {projectPath}/popup/Page1.aspx {serverPath}/apsx/external/Page/{id}

    Route is registered in Global.asax as:

    routes.MapPageRoute("ViewPage","external/Page/{AccessKey}/","~/popup/Page1.aspx",false,newRouteValueDictionary{{ ACCESSKEY,HttpRoutes.RouteParameter.Optional}});
    routes.RouteExistingFiles=false;

    In Web.config added node:

    <locationpath="external"><system.web><authorization><allowusers="?"/><allowusers="*"/></authorization></system.web></location>

    Form authentication is configured as:

    <authenticationmode="Forms"><formstimeout="120"domain="{host}"cookieless="UseCookies"enableCrossAppRedirects="true"name=".ASPXAUTH"loginUrl="~/Login.aspx"defaultUrl="~/Home/"/></authentication> <authorization><denyusers="?"/><allowusers="*"/></authorization>

    When I try to access page using Url:

    https://{host}:444/apsx/external/Page/?AccessKey=%3daa3%3ddsa9dsA%2fdwq62%3bwdq5

    I get redirected to Login.aspx.

    Also tried following:

    protectedvoidApplication_BeginRequest(object sender,EventArgs e){HttpContext.Current.Response.AddHeader("x-frame-options","SAMEORIGIN");if(Request.Path=="/apsx/external/Page/"){HttpContext.Current.SkipAuthorization=true;}}

    Have not helped :(

    SOLUTION:

     If configure Web.config as I described upper, you can specify pattern with virtual path starts from, and apply settings not only to physical files.

    For example:

    routing:

    routes.MapPageRoute("ViewPage","external/Page/{AccessKey}/","~/popup/Page1.aspx",false,newRouteValueDictionary{{ ACCESSKEY,HttpRoutes.RouteParameter.Optional}});

    false - the key value, details there.

    web config:

    <locationpath="external"><system.web><authorization><allowusers="?"/><allowusers="*"/></authorization></system.web></location>

    path="external" because my route begins with "external" : 

    "external/Page/{AccessKey}/"
  • 相关阅读:
    精通javascript、javascript语言精粹读书笔记
    javascript语言精粹。3、对象;4、函数;深入原型链,对象的原理!
    权限管理
    javascript碎碎念(面向对象备忘)
    几个JavaScript面试题
    JavaScript类属性的定义方法和区别
    j
    Java调用SQL存储过程 输入输出参数(转)
    Java中文乱码解决
    js中eval详解
  • 原文地址:https://www.cnblogs.com/happy-Chen/p/3622456.html
Copyright © 2011-2022 走看看