Asp.net 4.0 Forms Authentication和FriendlyUrls

<system.web>
    <authentication mode="Forms">
      <forms loginUrl="Account/login" name="LOGIN" defaultUrl="Account/Logged" timeout="15" cookieless="UseDeviceProfile" protection="All" slidingExpiration="true" />
    </authentication>
  </system.web>

  <location path="Account">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>

  <location path="Account/Register">
    <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>

我对FriendlyURLs和Forms身份验证也有同样的问题(虽然是OWIN).试图访问授权内容页面试图重定向到/ Account / Login？returnUrl = / Account / Login,只有重定向卡在无限循环中,直到查询字符串超过最大长度！我能找到的唯一方法是将登录页面(或允许匿名访问的任何其他页面)放在自己的文件夹中,并授予对该文件夹而不是页面本身的访问权限.所以,如果我有/帐户/登录,我会添加：

<system.web>    
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

  <location path="Account">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

我看到你为/ Account路径添加了规则,但已将其设置为拒绝.不确定您是否已将其更改为“允许本地或不…

虽然我使用MS OWIN的表单身份验证库,而不是默认的ASP.Net内置身份验证库,但我希望上面的内容也适用于标准的.仅供参考,我的表单身份验证身份验证设置如下所示：

public void ConfigureAuth(IAppBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,AuthenticationMode = AuthenticationMode.Active,LoginPath = new PathString("/Account/Login"),LogoutPath = new PathString("/Account/Logout"),ExpireTimeSpan = TimeSpan.FromHours(12),SlidingExpiration = true,CookieName = "MyCookieName.Session",CookieSecure = CookieSecureOption.SameAsRequest,// Required for AJAX calls
            CookieHttpOnly = false
        });
    }