一个简单的ASP.NET Forms 身份认证的实例方法



Web.config
代码如下:
<configuration>
 <system.web>
  <compilation debug="true"/>
  <authentication mode="Forms">
   <forms loginUrl="login.aspx" name = ".ASPXFORMSAUTH" />
  </authentication>
  <authorization>
   <deny users="?"/>
  </authorization>
 </system.web>
</configuration>

default.aspx
代码如下:
<HTML>
<HEAD>
<TITLE>首页</TITLE>
<script language="VB" runat="server">
 Sub Page_Load(Sender As Object, e As EventArgs)
  Message.Text = String.Format("你好，{0}", Context.User.Identity.Name)
 End Sub
 sub btnSignout_Click(Sender as Object, E as EventArgs)
  FormsAuthentication.SignOut()
  Response.Redirect("login.aspx")
 end sub
</script>
</HEAD>
<BODY>
<asp:label id="Message" runat="server"/>
<br>
<form method="post" runat="server">
 <asp:button id="btnSignout" Text="退出登录" runat="server" OnClick="btnSignout_Click"/>
</form>
</BODY>
</HTML>

login.aspx
代码如下:
<HEAD>
<TITLE>首页</TITLE>
<script lanugage="c#" runat="server">
 private void Page_Load(object sender, EventArgs e)
 {
  if (Request.IsAuthenticated)
    Response.Redirect("default.aspx");
 }
 void btnLogin_Click(Object sender, EventArgs e)
 {
  if (txtUsername.Text != null && txtUsername.Text != String.Empty && txtPassword.Text != null && txtPassword.Text != String.Empty)
   FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, true);
  else
   lblError.Text = "错误的用户名/密码";
 }
</script>
</HEAD>
<BODY>
<form method="post" runat="server">
 <asp:Label id="lblUsername" runat="server" Text="用户名："/>
    
 <asp:Textbox id="txtUsername" runat="server"/>
 <br>
 <br>
 <asp:Label id="lblPassword" runat="server" Text="密　码："/>
    
 <asp:Textbox id="txtPassword" runat="server" TextMode="password"/>
 <br>
 <asp:button id="btnLogin" runat="server" Text="登录" OnClick="btnLogin_Click" />
</form>
<hr>
 <br>
 <asp:Label id="lblError" forecolor="red" runat="server"/>
</BODY>
</HTML>