比如我在用户数据库里多增加一个类型字段(0,1,2,3)之类的
然后用目录配置文件中的<allow roles="0" />限制用户目录访问
以下是我原程序中的登录cookie写入方式.
string userRoles = model.Ltype.ToString();
FormsAuthenticationTicket Ticket = new FormsAuthenticationTicket(1, user_name, DateTime.Now, DateTime.Now.AddMinutes(30), false, userRoles,"/");
string HashTicket = FormsAuthentication.Encrypt(Ticket);
HttpCookie UserCookie = new HttpCookie(FormsAuthentication.FormsCookieName, HashTicket);
UserCookie.Domain = Domainym;
HttpContext.Current.Response.Cookies.Add(UserCookie);
再用子目录中的Web.config加己限制
<authorization>
<!--限制为只有0和3的用户可以访问这个目录-->
<allow roles="0,3" />
<deny users="*" />
</authorization>
现在如果用
HttpCookie cookie = new HttpCookie("dnt", HashTicket);
cookie.Values["userid"] = uid.ToString();
cookie.Values["username"] = userinfo.Username.ToString();
cookie.Values["password"] = Utils.UrlEncode(SetCookiePassword(userinfo.Password, passwordkey));
if (Templates.GetTemplateItem(templateid) == null)
{
templateid = 0;
foreach(string strTemplateid in Utils.SplitString(Templates.GetValidTemplateIDList(), ","))
{
if (strTemplateid.Equals(userinfo.Templateid.ToString()))
{
templateid = userinfo.Templateid;
break;
}
}
}
cookie.Values["tpp"] = userinfo.Tpp.ToString();
cookie.Values["ppp"] = userinfo.Ppp.ToString();
cookie.Values["pmsound"] = userinfo.Pmsound.ToString();
if (invisible != 0 || invisible != 1)
{
invisible = userinfo.Invisible;
}
cookie.Values["invisible"] = invisible.ToString();
cookie.Values["referer"] = "index.aspx";
cookie.Values["sigstatus"] = userinfo.Sigstatus.ToString();
cookie.Values["expires"] = expires.ToString();
//if (expires > 0)
//{
// cookie.Expires = DateTime.Now.AddMinutes(expires);
//}
cookie.Expires = DateTime.Now.AddDays(1);
cookie.Domain = RootDomin;
HttpContext.Current.Response.Cookies.Add(cookie);
这种方式要用这个做登录的话
怎么做才能让我主站子目录中的配置文件
<authorization>
<!--限制为只有0和3的用户可以访问这个目录-->
<allow roles="0,3" />
<deny users="*" />
</authorization>
生效.
还有就是我用现在的论坛登录代码.我原来程序的识别用户登录都用不了了.Page.User.Identity.IsAuthenticated