ASP.NET 里身份验证安全相关配置

安全相关的

<authorization
                >
                <allow
                    verbs = ""
                    users = ""
                    roles = ""
                />
                <deny
                    verbs = ""
                    users = ""
                    roles = ""
                />

            </authorization>
        -->
        <authorization>
            <allow users="*" />
        </authorization>

  继续,在下面里,注意timeout单位是分钟。path默认为/

  <anonymousIdentification enabled="false" cookieName=".ASPXANONYMOUS" cookieTimeout="100000" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="Validation" cookieless="UseCookies" />
        <!--
            <authentication
                mode = "Windows" [None | Windows | Passport | Forms]
                >
                <forms
                    name = ".ASPXAUTH" [String]
                    loginUrl = "login.aspx" [String]
                    defaultUrl = "default.aspx" [String]
                    protection = "All" [All | None | Encryption | Validation]
                    timeout = "30" [in Minutes][number]
                    path = "/" [String]
                    requireSSL = "false" [true|false]
                    slidingExpiration = "true" [true|false]
                    enableCrossAppRedirects = "false" [true|false]
                    cookieless = "UseDeviceProfile" [UseUri | UseCookies | AutoDetect | UseDeviceProfile]
                    domain = "" [String]
                    ticketCompatibilityMode = "Framework20" [Framework20 | Framework40]
                    >
                    <credentials
                        passwordFormat = "SHA1" [Clear | SHA1 | MD5]
                        >
                        <user
                            name = "" [String, Required, Collection Key]
                            password = "" [String, Required]
                        />

                    </credentials>
                </forms>
                <passport
                    redirectUrl = "internal" [String]
                />
            </authentication>
        -->
        <authentication mode="Windows">
            <forms name=".ASPXAUTH" loginUrl="login.aspx" defaultUrl="default.aspx" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true" cookieless="UseDeviceProfile" enableCrossAppRedirects="false" ticketCompatibilityMode="Framework20">
                <credentials passwordFormat="SHA1" />
            </forms>
            <passport redirectUrl="internal" />
        </authentication>

  

posted @ 2019-11-16 08:01  启明星工作室  阅读(293)  评论(0编辑  收藏  举报