<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="ConnectionString" value="server=localhost;Trusted_Connection=true;database=Commerce"/>
</appSettings>
<connectionStrings/>
<system.web>
<compilation debug="true"/>
<authentication mode="Forms">
<forms name="shopDoNetAuth" defaultUrl="Default.aspx" loginUrl="Default.aspx" protection="All" timeout="20" path="/"/>
</authentication>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
<location path="Checkout.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
<location path="OrderList.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
<location path="OrderDetails.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
</configuration>
另外用 User.Identity.Name != "" && User.Identity.Name != null 判断用户是否已登录