----------------------global文件内容-------------------------------------------------------------- protected void Application_AuthenticateRequest(Object sender, EventArgs e) { if (HttpContext.Current.User != null)//如果当前的http信息中存在用户信息 { if (HttpContext.Current.User.Identity.IsAuthenticated)//如果当前用户的身份已经通过了验证 { if (HttpContext.Current.User.Identity is FormsIdentity) { //如果当前用户身份是FormsIdentity类即窗体验证类,此类有个属性能够访问当前用户的验证票 //创建个FormsIdentity类,用他来访问当前用户的验证票 FormsIdentity fi = (FormsIdentity)HttpContext.Current.User.Identity; //获得用户的验证票 FormsAuthenticationTicket ticket = fi.Ticket; //从验证票中获得用户数据也就是角色数据 string userData = ticket.UserData; //把用户数据用,分解成角色数组 string[] roles = userData.Split(','); //重写当前用户信息,就是把角色信息也加入到用户信息中 HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(fi, roles); } } } } -------------------------------------------------------------------------------------------------- ------------登陆中的代码-------------------------------------------------------------------- System.Web.Security.FormsAuthentication.SetAuthCookie(name,false); //临时Cookie用在需要角色验证的情况下 //创建一个新的验证票FormsAuthenticationTicket FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( 1,//票版本号 name,//关联验证票的用户名 DateTime.Now,//生成cookie时间 DateTime.Now.AddSeconds(30),//cookie的有效时间 false,//是不是永久存在的cookie "manager", FormsAuthentication.FormsCookiePath ); //把验证票加密 string hashTicket = FormsAuthentication.Encrypt(ticket); //设置验证票cookie,第一个参数为cookie的名字,第二个参数为cookie的值也就是加密后的票 HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashTicket); //把cookie加进Response对象发生到客户端 Response.Cookies.Add(cookie); ---------------------------------------------------------------------------------------------------------- 节点配置项 在<system.web>节点下 注意重写LocalSqlServer1连接字符串 <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="20"> <providers> <remove name="AspNetSqlProvider" /> <add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="LocalSqlServer1" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" passwordFormat="Hashed" minRequiredNonalphanumericCharacters="0" applicationName="/" /> </providers> </membership> -------------------------------------------------------------------------------------------------------------