我正在将ASP.Net Web表单应用程序从“成员资格”转移到“身份”。通常,一切正常,但是当我注销后尝试进入登录页面时,出现错误404.15查询字符串太长的情况。似乎有些东西在反复添加返回网址。
https://localhost:44350/Account/Login?ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252FAccount%252FLogin%253FReturnUrl%253D%25252FAccount%25252FLogin%25253FReturnUrl%25253D%2525252FAccount%2525252FLogin%2525253FReturnUrl%2525253D%252525252FAccount%252525252FLogin%252525253FReturnUrl%252525253D%25252525252FAccount%25252525252FLogin%25252525253FReturnUrl%25252525253D%2525252525252FAccount%2525252525252FLogin%2525252525253FReturnUrl%2525252525253D%252525252525252FAccount%252525252525252FLogin%252525252525253FReturnUrl%252525252525253D%25252525252525252FAccount%25252525252525252FLogin%25252525252525253FReturnUrl%25252525252525253D%2525252525252525252FAccount%2525252525252525252FLogin%2525252525252525253FReturnUrl%2525252525252525253D%252525252525252525252FAccount%252525252525252525252FLogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252FAccount%25252525252525252525252FLogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252FAccount%2525252525252525252525252FLogin%2525252525252525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252FAccount%252525252525252525252525252FLogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252FAccount%25252525252525252525252525252FLogin%25252525252525252525252525253FReturnUrl%25252525252525252525252525253D%2525252525252525252525252525252FAccount%2525252525252525252525252525252FLogin%2525252525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252FAccount%252525252525252525252525252525252FLogin%252525252525252525252525252525253FReturnUrl%252525252525252525252525252525253D%25252525252525252525252525252525252FAccount%25252525252525252525252525252525252FLogin%25252525252525252525252525252525253FReturnUrl%25252525252525252525252525252525253D%2525252525252525252525252525252525252FAccount%2525252525252525252525252525252525252FLogin%2525252525252525252525252525252525253FReturnUrl%2525252525252525252525252525252525253D%252525252525252525252525252525252525252FAccount%252525252525252525252525252525252525252FLogin
在Account文件夹中,web.config中包含以下内容
<?xml version="1.0"?>
<configuration>
<location path="Login.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
当我将其更改为仅拒绝访问特定页面而不允许访问特定页面时,我看不到此问题,但是该应用程序的菜单开始显示匿名用户的帐户管理。
有人对如何解决此问题有任何建议吗?
答案 0 :(得分:0)
我不得不做一些事情来解决这个问题。首先,为了消除404.15错误,我更新了帐户文件夹的web.config文件,以仅拒绝匿名用户访问某些页面,而不是拒绝匿名用户访问帐户文件夹并允许在需要时访问已知用户。那是
<?xml version="1.0"?>
<configuration>
<location path="Profile.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
</configuration>
进行此更改后,以前没有显示匿名用户的菜单项PROFILE。为了解决该问题,我现在使用从站点地图构建的两个不同菜单。一个用于匿名用户,另一个用于经过身份验证的用户。
匿名用户的网站地图:
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
<siteMapNode title="ROOT" description="Root" roles="*">
<siteMapNode title="HOME" description="Home" roles="*" url="~/" />
<siteMapNode title="FORUM" description="Forum" roles="*" url="~/forum/" />
<siteMapNode title="ABOUT" description="About" roles="*" url="~/About" />
</siteMapNode>
</siteMap>
经过身份验证的用户的站点地图:
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
<siteMapNode title="ROOT" description="Root" roles="*">
<siteMapNode title="HOME" description="Home" roles="*" url="~/" />
<siteMapNode title="PROFILE" description="Profile" roles="*" url="~/Account/Profile" />
<siteMapNode title="FORUM" description="Forum" roles="*" url="~/forum/" />
<siteMapNode title="ABOUT" description="About" roles="*" url="~/About" />
<siteMapNode title="ADMIN" description="Admin" roles="Administrator" url="~/Admin/Admin" />
</siteMapNode>
</siteMap>
从那里,我将两个站点地图都添加到了web.config文件中:
<system.web>
<siteMap defaultProvider="MenuSiteMapProvider" enabled="true">
<providers>
<add name="MenuSiteMapProvider" description="Default Site Map Provider" type="System.Web.XmlSiteMapProvider" siteMapFile="Menu.sitemap" securityTrimmingEnabled="true" />
<add name="MemberSiteMapProvider" description="Member Site Map Provider" type="System.Web.XmlSiteMapProvider" siteMapFile="Member.sitemap" securityTrimmingEnabled="true" />
</providers>
</siteMap>
</system.web>
最后,我更新了网站的主页,以对匿名或已验证用户使用正确的菜单:
Microsoft.Owin.Security.IAuthenticationManager authManager = Request.GetOwinContext().Authentication;
System.Security.Claims.ClaimsPrincipal authUser = authManager.User;
var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();
var user = manager.FindById(authUser.Identity.GetUserId<long>());
MenuSiteMap.Provider = SiteMap.Providers[user == null ? "MenuSiteMapProvider" : "MemberSiteMapProvider"];