2)设置Web.config <system.web> <authentication mode = "Windows"> <!--通知操作系统将当前登录的用户的信任书传递给浏览器--> <authorization> <!--禁止匿名用户访问--> <deny users = "?"/> </authorization> </system.web> 二.配置Forms身份认证 1)配置web.config 代码如下: <?xml version="1.0"?> <!-- Note: As an alternative to hand editing this file you can use the web admin tool to configure settings for your application. Use the Website->Asp.Net Configuration option in Visual Studio. A full list of settings and comments can be found in machine.config.comments usually located in /Windows/Microsoft.Net/Framework/v2.x/Config --> <configuration> <appSettings/> <connectionStrings/> <!--允许匿名用户登录register.aspx页--> <location path="register.aspx"> <system.web> <authorization> <allow users="?" /> </authorization> </system.web> </location> <system.web> <!-- Set compilation debug="true" to insert debugging symbols into the compiled page. Because this affects performance, set this value to true only during development. --> <compilation debug="true"/> <!-- The <authentication> section enables configuration of the security authentication mode used by ASP.NET to identify an incoming user. --> <authentication mode="Forms"> <forms name="auth" loginUrl="login.aspx" timeout="30" protection="All" path="/"></forms> </authentication> <!--禁止匿名用户登录--> <authorization> <deny users="?"/> </authorization> <!-- The <customErrors> section enables configuration of what to do if/when an unhandled error occurs during the execution of a request. Specifically, it enables developers to configure html error pages to be displayed in place of a error stack trace.
