zoukankan      html  css  js  c++  java
  • Asp.Net基于forms的验证机制

    构建基于forms的验证机制过程如下: 
    1,设置IIS为可匿名访问和asp.net web.config中设置为form验证 
    2,检索数据存储验证用户,并检索角色(如果不是基于角色可不用) 
    3,使用FormsAuthenticationTicket创建一个Cookie并回发到客户端,并存储 
      角色到票中,如: 
      FormsAuthentication.SetAuthCookie(Username,true | false) 
      cookies保存时间: 
      HttpContext.Current.Response.Cookies[FormsAuthentication.FormsCookieName].Expires=DateTime.Now.AddDays(1)

      如果需要存储角色,采用: 
     FormsAuthenticationTicket authTicket = new 
     FormsAuthenticationTicket( 
                1, // version 
                txtUserName.Text, // user name 
                DateTime.Now, // creation 
                DateTime.Now.AddMinutes(20),// Expiration 
                false, // Persistent 
                roles ); // User data 
      roles是一个角色字符串数组 
      string encryptedTicket = FormsAuthentication.Encrypt(authTicket); //加密

      存入Cookie 
      HttpCookie authCookie = 
      new HttpCookie(FormsAuthentication.FormsCookieName, 
      encryptedTicket);

      Response.Cookies.Add(authCookie);

    4,在Application_AuthenticateRequest事件中处理程序中(Global.asax)中,使用 
      票创建IPrincipal对象并存在HttpContext.User中 
      代码: 
      HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName]; 
      FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);//解密 
      string[] roles = authTicket.UserData.Split(new char[]{';'});//根据存入时的格式分解,;或|.... 
      Context.User = new GenericPrincipal(Context.User.Identity, Roles);//存在HttpContext.User中

    5,需要对某些页面进行角色控制,有两种方法: 
     5.1,web.config中加 
        <location path="EditPost.aspx"> 
     <system.web> 
      <authorization> 
                            <allow roles="RoleName" /> 
       <deny users="?" /> 
      </authorization> 
     </system.web> 
        </location> 
     5.2,把只能是某种角色访问的文件放在同一目录下,在此目录下添加一个web.config 
       <configuration> 
         <system.web> 
     <authorization> 
               <allow roles="RoleName" /> 
        <deny users="*" /> 
     </authorization> 
         </system.web> 
       </configuration>

  • 相关阅读:
    boost.numpy编译报错:undefined reference to `PyInt_FromLong' libboost_numpy.so: undefined reference to `PyCObject_AsVoidPtr'
    Could not find the following Boost libraries: boost_python3
    mxnet安装
    win7和Ubuntu双系统折腾记
    DBTest/1.TestWrite fails: MDB_BAD_TXN: Transaction cannot recover
    Permission denied:multiarray.cp35-win_amd64.pyd(tensorflow0.12.0在windows下安装)
    mxnet实战系列(一)入门与跑mnist数据集
    pgm revert转换 成jpg 人脸识别图片
    [jv-convert] Error 1,[all-recursive] Error 1
    make: g77: Command not found
  • 原文地址:https://www.cnblogs.com/top5/p/1575441.html
Copyright © 2011-2022 走看看