Running Your Secure Site

You will now run the site to verify //确认that the security you configured in the previous lesson is working as expected.

1. In the Solution Explorer, select Login.aspx. Press F5 to run the application.

2.  Log in as "marys" with the wrong password. Notice that the Login control displays an appropriate//适当的 message.

3.  Now log in as "marys" using the correct password: "Pa$$word!". When authenticated//确认正确后 you are taken to authors.aspx. Notice the LoginView control displays the message you specified for a logged-in user//为登录者指定的说明信息, and the LoginStatus control displays a Log Out link.

 

4. In the navigation menu select Home | Admin. Notice that you are redirected back//转向 to the Log In page.

Recall //回想起that Mary is the user who is not a member of the Administrator role. Because of this //因为此she is denied access//被拒绝访问, which by default //默认prompts //提示the user to log in as a different user. In the real world you would obviously want to display a message telling the user that access has been denied.

Also notice the ReturnUrl querystring parameter//返回地址查询参数. This parameter is automatically added to the login.aspx URL when a user unsuccessfuly attempts //试图to enter a secure area//安全区域. When present//存在,出现, the ReturnUrl//返回地址 value overrides //废除the Login control's DestinationPageUrl //目标文件地址property//属性, as you will see when you log in now as "johns".

5. Log in as "johns" with the same password.

John is a member of the Administrator role, so he was given access to the secure area.

This series of lessons//一系列课程 has shown you how easy it is to configure security for your ASP.NET application. The new suite of login controls, as well as the Web Site Administration Tool and built-in //内置入SQL Express provider//SQL简装版中, make setting up a robust //强壮的,强健的security mechanism //机制easier than ever before. And you did this all without any manual coding//人工编写代码.