但它不能解决这个问题
主Web.Config文件,其中包含有关身份验证成员身份和角色管理器的所有信息
<authentication mode="Forms">
<forms cookieless="UseCookies" path="/"
loginUrl="Login/default.aspx" protection="All" timeout="30">
</forms>
</authentication>
<membership defaultProvider="Demo_MemberShipProvider">
<providers>
<add name="Demo_MemberShipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="cs"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="/"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="5"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
</providers>
</membership>
<roleManager enabled="true" cacheRolesInCookie="true"
cookieName="TBHROLES" defaultProvider="Demo_RoleProvider">
<providers>
<add connectionStringName="cs"
applicationName="/" name="Demo_RoleProvider"
type="System.Web.Security.SqlRoleProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</roleManager>
<!--Admin Web.Config-->
<authorization>
<allow roles="Admin" />
<deny roles="User, Customer"/>
<deny users="?"/>
</authorization>
<!--Customer Web.Config-->
<authorization>
<allow roles="Admin, User, Customer" />
<deny users="?"/>
</authorization>
<!--User Web.Config-->
<authorization>
<allow roles="Admin, User" />
<deny roles="Customer"/>
<deny users="?"/>
</authorization>
这是用于登录的登录按钮代码
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
if (Membership.ValidateUser(Login1.UserName, Login1.Password) == true)
{
Login1.Visible = true;
Session["user"] = User.Identity.Name;
FormsAuthentication.RedirectFromLoginPage(Login1.UserName, true);
}
else
{
Response.Write("Invalid Login");
}
}
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
if (Membership.ValidateUser(Login1.UserName, Login1.Password) == true)
{
Login1.Visible = true;
Session["user"] = User.Identity.Name;
var userRoles = Roles.GetRolesForUser(Login1.UserName);
var userIdentity = new GenericIdentity(Login1.UserName);
var principal = new GenericPrincipal(userIdentity, userRoles);
Context.User = principal;
if (User.IsInRole("Admin"))
Response.Redirect("~/ThePageForAdmin");
if (User.IsInRole("User"))
Response.Redirect("~/ThePageForUser");
if (User.IsInRole("Customer"))
Response.Redirect("~/ThePageForCustomer");
}
else
{
Response.Write("Invalid Login");
}
}