我正在将 ASP.Net Web 表单应用程序从成员身份移动到标识。一般来说,一切正常,但是当我注销然后尝试转到登录页面时,我收到错误 404.15 查询字符串太长。似乎有些东西在重复添加返回 url。
https://localhost:44350/Account/Login?ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252FAccount%252FLogin%253FReturnUrl%253D%25252FAccount%25252FLogin%25253FReturnUrl%25253D%2525252FAccount%2525252FLogin%2525253FReturnUrl%2525253D%252525252FAccount%252525252FLogin%252525253FReturnUrl%252525253D%25252525252FAccount%25252525252FLogin%25252525253FReturnUrl%25252525253D%2525252525252FAccount%2525252525252FLogin%2525252525253FReturnUrl%2525252525253D%252525252525252FAccount%252525252525252FLogin%252525252525253FReturnUrl%252525252525253D%25252525252525252FAccount%25252525252525252FLogin%25252525252525253FReturnUrl%25252525252525253D%2525252525252525252FAccount%2525252525252525252FLogin%2525252525252525253FReturnUrl%2525252525252525253D%252525252525252525252FAccount%252525252525252525252FLogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252FAccount%25252525252525252525252FLogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252FAccount%2525252525252525252525252FLogin%2525252525252525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252FAccount%252525252525252525252525252FLogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252FAccount%25252525252525252525252525252FLogin%25252525252525252525252525253FReturnUrl%25252525252525252525252525253D%2525252525252525252525252525252FAccount%2525252525252525252525252525252FLogin%2525252525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252FAccount%252525252525252525252525252525252FLogin%252525252525252525252525252525253FReturnUrl%252525252525252525252525252525253D%25252525252525252525252525252525252FAccount%25252525252525252525252525252525252FLogin%25252525252525252525252525252525253FReturnUrl%25252525252525252525252525252525253D%2525252525252525252525252525252525252FAccount%2525252525252525252525252525252525252FLogin%2525252525252525252525252525252525253FReturnUrl%2525252525252525252525252525252525253D%252525252525252525252525252525252525252FAccount%252525252525252525252525252525252525252FLogin
在帐户文件夹中,我在 web.config 中有以下内容
<?xml version="1.0"?>
<configuration>
<location path="Login.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
当我将其更改为仅拒绝访问特定页面而不是允许特定页面时,我没有看到此问题,但是该应用程序的菜单开始显示匿名用户的帐户管理。
有人对如何解决这个问题有任何建议吗?
我必须做一些事情来解决这个问题。首先,为了摆脱 404.15 错误,我更新了帐户文件夹的 web.config 文件,以仅拒绝匿名用户访问某些页面,而不是拒绝匿名用户访问帐户文件夹并允许已知用户在需要时访问。那是
<?xml version="1.0"?>
<configuration>
<location path="Profile.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
</configuration>
通过该更改,PROFILE向匿名用户显示菜单项,而在此之前,它不是。为了克服这个问题,我现在使用两个不同的菜单,从站点地图构建。一个用于匿名用户,另一个用于经过身份验证的用户。
匿名用户的站点地图:
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
<siteMapNode title="ROOT" description="Root" roles="*">
<siteMapNode title="HOME" description="Home" roles="*" url="~/" />
<siteMapNode title="FORUM" description="Forum" roles="*" url="~/forum/" />
<siteMapNode title="ABOUT" description="About" roles="*" url="~/About" />
</siteMapNode>
</siteMap>
经过身份验证的用户的站点地图:
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
<siteMapNode title="ROOT" description="Root" roles="*">
<siteMapNode title="HOME" description="Home" roles="*" url="~/" />
<siteMapNode title="PROFILE" description="Profile" roles="*" url="~/Account/Profile" />
<siteMapNode title="FORUM" description="Forum" roles="*" url="~/forum/" />
<siteMapNode title="ABOUT" description="About" roles="*" url="~/About" />
<siteMapNode title="ADMIN" description="Admin" roles="Administrator" url="~/Admin/Admin" />
</siteMapNode>
</siteMap>
从那里,我将两个站点地图添加到 web.config 文件中:
<system.web>
<siteMap defaultProvider="MenuSiteMapProvider" enabled="true">
<providers>
<add name="MenuSiteMapProvider" description="Default Site Map Provider" type="System.Web.XmlSiteMapProvider" siteMapFile="Menu.sitemap" securityTrimmingEnabled="true" />
<add name="MemberSiteMapProvider" description="Member Site Map Provider" type="System.Web.XmlSiteMapProvider" siteMapFile="Member.sitemap" securityTrimmingEnabled="true" />
</providers>
</siteMap>
</system.web>
最后,我更新了网站的母版页,以便为匿名或经过身份验证的用户使用正确的菜单:
Microsoft.Owin.Security.IAuthenticationManager authManager = Request.GetOwinContext().Authentication;
System.Security.Claims.ClaimsPrincipal authUser = authManager.User;
var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();
var user = manager.FindById(authUser.Identity.GetUserId<long>());
MenuSiteMap.Provider = SiteMap.Providers[user == null ? "MenuSiteMapProvider" : "MemberSiteMapProvider"];