authentication and excluding .aspx page by routing MVC

ISSUE:

For example, one page accessed as:

{physicalPath}/popup/Page1.aspx
{projectPath}/popup/Page1.aspx {serverPath}/apsx/external/Page/{id}

Route is registered in Global.asax as:

routes.MapPageRoute("ViewPage","external/Page/{AccessKey}/","~/popup/Page1.aspx",false,newRouteValueDictionary{{ ACCESSKEY,HttpRoutes.RouteParameter.Optional}});
routes.RouteExistingFiles=false;

In Web.config added node:

<locationpath="external"><system.web><authorization><allowusers="?"/><allowusers="*"/></authorization></system.web></location>

Form authentication is configured as:

<authenticationmode="Forms"><formstimeout="120"domain="{host}"cookieless="UseCookies"enableCrossAppRedirects="true"name=".ASPXAUTH"loginUrl="~/Login.aspx"defaultUrl="~/Home/"/></authentication> <authorization><denyusers="?"/><allowusers="*"/></authorization>

When I try to access page using Url:

https://{host}:444/apsx/external/Page/?AccessKey=%3daa3%3ddsa9dsA/dwq62%3bwdq5

I get redirected to Login.aspx.

Also tried following:

protectedvoidApplication_BeginRequest(object sender,EventArgs e){HttpContext.Current.Response.AddHeader("x-frame-options","SAMEORIGIN");if(Request.Path=="/apsx/external/Page/"){HttpContext.Current.SkipAuthorization=true;}}

Have not helped :(

SOLUTION:

 If configure Web.config as I described upper, you can specify pattern with virtual path starts from, and apply settings not only to physical files.

For example:

routing:

routes.MapPageRoute("ViewPage","external/Page/{AccessKey}/","~/popup/Page1.aspx",false,newRouteValueDictionary{{ ACCESSKEY,HttpRoutes.RouteParameter.Optional}});

false - the key value, details there.

web config:

<locationpath="external"><system.web><authorization><allowusers="?"/><allowusers="*"/></authorization></system.web></location>

path="external" because my route begins with "external" : 

"external/Page/{AccessKey}/"

authentication and excluding .aspx page by routing MVC,古老的榕树,5-wow.com

郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。