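ASP.NET forms authentication only redirects to default.aspx

I am using ASP.NET forms authentication with an activation email. I have the registration working: it adds the user to the database and sends the activation email; the email goes to the user, they click it, and they get activated. I am able to log in with the correct credentials, but every time it only redirects to default.aspx in the root of my project. I tried adding a link to a page in a subdirectory that allows that role - but it just takes you back to the login page. When you log in again - it just goes back to Default.aspx.

Here is login.aspx.vb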
    Imports System.Data
    Imports System.Configuration
    Imports System.Data.SqlClient
    Imports System.Web.Security
    Imports Microsoft.VisualBasic
    Imports System

    Partial Class login
        Inherits System.Web.UI.Page

        Protected Sub ValidateUser(sender As Object, e As AuthenticateEventArgs) Handles Login1.Authenticate
            Dim userID As Integer = 0
            Dim roles As String = String.Empty
            Session("roles") = Nothing
            Using con As New SqlConnection("Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\BandDatabase.mdf;Integrated Security=True")
                Using cmd As New SqlCommand("Validate_User")
                    cmd.CommandType = CommandType.StoredProcedure
                    cmd.Parameters.AddWithValue("@Username", Login1.UserName)
                    cmd.Parameters.AddWithValue("@Password", Login1.Password)
                    cmd.Connection = con
                    con.Open()
                    Dim reader As SqlDataReader = cmd.ExecuteReader()
                    If reader.Read() Then
                        userID = Convert.ToInt32(reader("UserId"))
                        roles = reader("RoleName").ToString()
                        Session("roles") = roles
                    End If
                    con.Close()
                End Using
                Select Case userID
                    Case 1
                        Login1.FailureText = "Username and/or password is incorrect."
                        Exit Select
                    Case 2
                        Login1.FailureText = "Account has not been activated."
                        Exit Select
                    Case Else
                        Dim ticket As New FormsAuthenticationTicket(1, Login1.UserName, DateTime.Now, DateTime.Now.AddMinutes(2880), Login1.RememberMeSet, roles,
                            FormsAuthentication.FormsCookiePath)
                        Dim hash As String = FormsAuthentication.Encrypt(ticket)
                        Dim cookie As New HttpCookie(FormsAuthentication.FormsCookieName, hash)
                        If ticket.IsPersistent Then
                            cookie.Expires = ticket.Expiration
                        End If
                        Response.Cookies.Add(cookie)
                        Response.Redirect(FormsAuthentication.GetRedirectUrl(Login1.UserName, Login1.RememberMeSet))
                        Exit Select
                End Select
            End Using
        End Sub

        Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load
            If Not Me.IsPostBack Then
                If Me.Page.User.Identity.IsAuthenticated Then
                    FormsAuthentication.SignOut()
                    Response.Redirect("~/login.aspx")
                Else
                    Session.Abandon()
                    Session.Clear()
                End If
            End If
        End Sub
    End Class

Here is the code for the web config (project root - I read something about having to put a web config in each directory)
        <authentication mode="Forms">
          <forms defaultUrl="~/Default.aspx" loginUrl="~/login.aspx" slidingExpiration="true" timeout="2880">
          </forms>
        </authentication>
      </system.web>
      <!--https://www.codeproject.com/Articles/2905/Role-based-Security-with-Forms-Authentication-->
      <location path="Admin">
        <system.web>
          <authorization>
            <!-- Order and case are important below -->
            <allow roles="Admin" />
            <deny users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="Judges">
        <system.web>
          <authorization>
            <!-- Order and case are important below -->
            <allow roles="Judge" />
            <deny users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="Students">
        <system.web>
          <authorization>
            <!-- Order and case are important below -->
            <allow roles="Student" />
            <deny users="*" />
          </authorization>
        </system.web>
      </location>

Here is the directory structure... [image: directory structure]

Full web config...
    <?xml version="1.0"?>
    <!--
      For more information on how to configure your ASP.NET application, please visit
      http://go.microsoft.com/fwlink/?LinkId=169433
      -->
    <configuration>
      <system.webServer>
        <validation validateIntegratedModeConfiguration="false" />
        <handlers>
          <remove name="ChartImageHandler" />
          <add name="ChartImageHandler" preCondition="integratedMode" verb="GET,HEAD,POST" path="ChartImg.axd" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
          <add name="ReportViewerWebControlHandler" preCondition="integratedMode" verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" />
        </handlers>
      </system.webServer>
      <connectionStrings>
        <add name="Database" connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True"
          providerName="System.Data.SqlClient" />
        <add name="BandDatabaseConnectionString" connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\BandDatabase.mdf;Integrated Security=True"
          providerName="System.Data.SqlClient" />
      </connectionStrings>
      <system.web>
        <httpHandlers>
          <add path="ChartImg.axd" verb="GET,HEAD,POST" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
            validate="false" />
          <add path="Reserved.ReportViewerWebControl.axd" verb="*" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91"
            validate="false" />
        </httpHandlers>
        <pages>
          <controls>
            <add tagPrefix="asp" namespace="System.Web.UI.DataVisualization.Charting" assembly="System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
          </controls>
        </pages>
        <compilation debug="true" strict="false" explicit="true" targetFramework="4.5">
          <buildProviders>
            <add extension=".rdlc" type="Microsoft.Reporting.RdlBuildProvider, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" />
          </buildProviders>
        </compilation>
        <httpRuntime targetFramework="4.5" />
        <authentication mode="Forms">
          <forms defaultUrl="~/Default.aspx" loginUrl="~/login.aspx" slidingExpiration="true" timeout="2880">
          </forms>
        </authentication>
      </system.web>
      <!--https://www.codeproject.com/Articles/2905/Role-based-Security-with-Forms-Authentication-->
      <location path="Admin">
        <system.web>
          <authorization>
            <!-- Order and case are important below -->
            <allow roles="Admin, Student, Judge" />
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
      <location path="Judges">
        <system.web>
          <authorization>
            <!-- Order and case are important below -->
            <allow roles="Judge" />
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
      <location path="Students">
        <system.web>
          <authorization>
            <!-- Order and case are important below -->
            <allow roles="Student" />
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
      <appSettings>
        <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
        <add key="ChartImageHandler" value="storage=file;timeout=20;dir=c:\TempImageFiles\;" />
      </appSettings>
      <system.net>
        <mailSettings>
          <smtp deliveryMethod="Network" from="[email protected]">
            <network host="localhost" userName="" password="" defaultCredentials="true" />
          </smtp>
        </mailSettings>
      </system.net>
    </configuration>

"I read something about having to put a web config in each directory" - are you doing this? – wazz
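
The `<allow roles="..." />` rules in the web.config above are checked against `Context.User.IsInRole`, and forms authentication does not fill in roles from the ticket's `UserData` on its own. The following is an added example, not code from the question: a `Global.asax.vb` that rebuilds the principal from the roles `login.aspx.vb` stored in the ticket. The class name `Global_asax` and the comma-separated role format are assumptions.

```vb
' Global.asax.vb (added example, not the asker's code).
Imports System
Imports System.Security.Principal
Imports System.Web
Imports System.Web.Security

' Assumption: the application class is named Global_asax.
Public Class Global_asax
    Inherits HttpApplication

    ' Runs on every request, after FormsAuthenticationModule has validated
    ' and decrypted the forms cookie and before URL authorization is applied.
    Protected Sub Application_AuthenticateRequest(sender As Object, e As EventArgs)
        Dim user As IPrincipal = Context.User

        ' Anonymous requests have no principal yet; leave them untouched.
        If user Is Nothing OrElse Not user.Identity.IsAuthenticated Then Return

        ' Only handle identities that came from a forms authentication ticket.
        Dim identity As FormsIdentity = TryCast(user.Identity, FormsIdentity)
        If identity Is Nothing Then Return

        ' login.aspx.vb put the RoleName value into the ticket's UserData.
        ' Assumption: several roles, if present, are comma-separated.
        Dim userData As String = identity.Ticket.UserData
        If String.IsNullOrEmpty(userData) Then Return

        Dim roles As String() = userData.Split(New Char() {","c},
                                               StringSplitOptions.RemoveEmptyEntries)
        For i As Integer = 0 To roles.Length - 1
            roles(i) = roles(i).Trim()
        Next

        ' Replace the role-less principal so <allow roles="..."> can match.
        Context.User = New GenericPrincipal(identity, roles)
    End Sub
End Class
```

With a principal that carries no roles, every `<allow roles>` rule is skipped and the request falls through to the `<deny>` line that follows it. In the full web.config, `<deny users="?" />` rejects only anonymous users, whereas the shorter fragment's `<deny users="*" />` rejects everyone the `<allow>` line did not match.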