ASP.NET 里身份验证安全相关配置
安全相关的
<authorization
>
<allow
verbs = ""
users = ""
roles = ""
/>
<deny
verbs = ""
users = ""
roles = ""
/>
</authorization>
-->
<authorization>
<allow users="*" />
</authorization>
继续,在下面里,注意timeout单位是分钟。path默认为/
<anonymousIdentification enabled="false" cookieName=".ASPXANONYMOUS" cookieTimeout="100000" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="Validation" cookieless="UseCookies" />
<!--
<authentication
mode = "Windows" [None | Windows | Passport | Forms]
>
<forms
name = ".ASPXAUTH" [String]
loginUrl = "login.aspx" [String]
defaultUrl = "default.aspx" [String]
protection = "All" [All | None | Encryption | Validation]
timeout = "30" [in Minutes][number]
path = "/" [String]
requireSSL = "false" [true|false]
slidingExpiration = "true" [true|false]
enableCrossAppRedirects = "false" [true|false]
cookieless = "UseDeviceProfile" [UseUri | UseCookies | AutoDetect | UseDeviceProfile]
domain = "" [String]
ticketCompatibilityMode = "Framework20" [Framework20 | Framework40]
>
<credentials
passwordFormat = "SHA1" [Clear | SHA1 | MD5]
>
<user
name = "" [String, Required, Collection Key]
password = "" [String, Required]
/>
</credentials>
</forms>
<passport
redirectUrl = "internal" [String]
/>
</authentication>
-->
<authentication mode="Windows">
<forms name=".ASPXAUTH" loginUrl="login.aspx" defaultUrl="default.aspx" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true" cookieless="UseDeviceProfile" enableCrossAppRedirects="false" ticketCompatibilityMode="Framework20">
<credentials passwordFormat="SHA1" />
</forms>
<passport redirectUrl="internal" />
</authentication>
