当我将文件重命名为.aspx时,我将提示登录表单
我没有什么好奇心我有一个非常简单的登录脚本,它应该只是重定向到index.html之后。
有什么建议么?总而言之,整个网站正在使用HTML(现在),需要受到密码保护。
<authentication mode="Forms"> <forms name="appNameAuth" path="/" loginUrl="~/login.aspx" defaultUrl="index.html" protection="All" timeout="525600"> <credentials passwordFormat="Clear"> <user name="[user]" password="[password]" /> </credentials> </forms> </authentication> <authorization> <deny users="?" /> </authorization>
解决方法
Onces ASP.NET正在为这些文件提供服务,您可以像任何aspx页面一样为其指定权限。
有关更多信息,请参阅MSDN:
By default,IIS processes static
content itself – like HTML pages and
CSS and image files – and only hands
off requests to the ASP.NET runtime
when a page with an extension of
.aspx,.asmx,or .ashx is requested.IIS 7,however,allows for integrated
IIS and ASP.NET pipelines. With a few
configuration settings you can setup
IIS 7 to invoke the
FormsAuthenticationModule for all
requests. Furthermore,with IIS 7 you
can define URL authorization rules for
files of any type. For more
information,see Changes Between IIS6
and IIS7 Security,Your Web Platform
Security,and Understanding IIS7 URL
Authorization.Long story short,in versions prior to IIS 7,you can only use forms authentication to protect resources handled by the ASP.NET runtime. Likewise,URL authorization rules are only applied to resources handled by the ASP.NET runtime. But with IIS 7 it is possible to integrate the FormsAuthenticationModule and UrlAuthorizationModule into IIS’s HTTP pipeline,thereby extending this functionality to all requests.
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。