제목 : Form 인증 사용(Web.config) : 로그인 하지 않은 사용자 OrderList.aspx 접근 금지
글번호:
|
|
119
|
작성자:
|
|
레드플러스
|
작성일:
|
|
2005/04/19 오후 8:21:00
|
조회수:
|
|
6383
|
<?xml version="1.0" encoding="euc-kr" ?>
<configuration>
<!-- application specific settings -->
<appSettings>
<add key="ConnectionString" value="server=localhost;database=RedPlusShoppingMall;uid=RedPlusShoppingMall;pwd=RedPlusShoppingMall;" />
</appSettings>
<!-- forms based authentication -->
<system.web>
<compilation debug="true" />
<pages validateRequest="true" />
<!-- enable Forms authentication -->
<authentication mode="Forms">
<forms name="RedPlusShoppingMall" loginUrl="Login.aspx" protection="All" path="/" />
</authentication>
<!-- enable custom errors for the application -->
<customErrors mode="RemoteOnly" defaultRedirect="ErrorPage.aspx" />
<!-- disable session state for application -->
<sessionState mode="Off" />
<globalization fileEncoding="euc-kr" requestEncoding="euc-kr" responseEncoding="euc-kr"/>
</system.web>
<!-- set secure paths -->
<!--
<location path="CheckOut.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="OrderList.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="OrderDetails.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
-->
<!--관리자만 접근 권한 주기-->
<location path="ProductAdd.aspx">
<system.web>
<authorization>
<allow users="admin, redplus"></allow>
<deny users="*"></deny>
</authorization>
</system.web>
</location>
</configuration>