Session全局登录验证

1.创建一个类
 CheckReght.cs 放置App_Code下
 实现 IHttpModule 接口
 代码:
  using System;
  using System.Data;
  using System.Configuration;
  using System.Linq;
  using System.Web;
  using System.Web.Security;
  using System.Web.UI;
  using System.Web.UI.HtmlControls;
  using System.Web.UI.WebControls;
  using System.Web.UI.WebControls.WebParts;
  using System.Xml.Linq;

  /// <summary>
  ///CheckRight 的摘要说明
  /// </summary>
  public class CheckRight:IHttpModule
  {
   public CheckRight()
   {
    //
    //TODO: 在此处添加构造函数逻辑
    //
   }

   #region IHttpModule 成员

   public void Dispose()
   {

   }

   public void Init(HttpApplication context)
   {
    context.AcquireRequestState += new EventHandler(context_AcquireRequestState);
   }
   //验证Session权限
   void context_AcquireRequestState(object sender, EventArgs e)
   {
    //验证Session权限
    HttpApplication app = sender as HttpApplication;
    HttpContext content = app.Context;
    //如果请求地址不是登录页面  才判断权限
    if (!content.Request.RawUrl.ToLower().Contains("login.aspx")&&!content.Request.RawUrl.ToLower().Contains(".jpg"))
    {
     if (content.Session["user"]==null)
     {
      content.Response.Redirect("~/Login.aspx?returnurl=" + content.Request.RawUrl);
     }
    }
   }

   #endregion
  }

2.web.config 下面注册
 <system.web>下面的
  <httpModules>
   <add name="right" type="CheckRight"/>
  </httpModules>
 </system.web>

3.登录button按钮下的代码
 if (txtName.Text.Trim()=="admin"&&txtPwd.Text.Trim()=="admin")
 {
  Session["user"] = txtName.Text.Trim();
  if (string.IsNullOrEmpty(Request.QueryString["returnurl"]))
  {
   Response.Redirect("Default.aspx");
  }
  else
  {
   Response.Redirect(Request.QueryString["returnurl"]);
  }
 }
 else
 {
  Response.Write("登录失败");
 }