以前的項(xiàng)目遇到用戶驗(yàn)證問(wèn)題全都采用windows驗(yàn)證方式,最近公司項(xiàng)目中要求采用Forms驗(yàn)證方式。
總結(jié)如下:
1.登錄頁(yè)面代碼
PRotected void Button1_Click(object sender, EventArgs e)
{
FormsAuthenticationTicket ticket=new FormsAuthenticationTicket (1,"LoginName",DateTime.Now,DateTime.Now.AddMinutes(20),false,"aaa",FormsAuthentication.FormsCookiePath);
HttpCookie cookie=new HttpCookie(FormsAuthentication.FormsCookieName,FormsAuthentication.Encrypt(ticket));
if(ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
Response.Cookies.Add(cookie);
Response.Redirect("admin_page1.aspx");
}
2. Webconfig代碼
<authentication mode="Forms" >
<forms name="authTest" loginUrl="~/admin/admin_login.aspx" timeout="20">
</forms>
</authentication>
</system.web>
<location path="admin">
<system.web>
<authorization>
<allow roles="admin,aaa"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
3.Global文件代碼
添加application_AuthenticateRequest事件
if (HttpContext.Current.User != null)
{
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
if (HttpContext.Current.User.Identity is FormsIdentity)
{
string userData;
string[] roles;
userData = string.Empty;
try
{
if (Request.Cookies["authTest"] != null)
{
FormsAuthenticationTicket ticket =
FormsAuthentication.Decrypt(Request.Cookies["authTest"].Value);
if (ticket != null)
{
userData = ticket.UserData;
}
}
}
catch (Exception E)
{
HttpContext.Current.Response.Write("<!-- " + E.Message + " -->");
}
roles = userData.Split(',');
HttpContext.Current.User = new GenericPrincipal(HttpContext.Current.User.Identity, roles);
}
}
}
到此完成了Forms驗(yàn)證。
但我有疑問(wèn):如果客戶端禁用了cookie那么forms驗(yàn)證是否就失效了呢?
新聞熱點(diǎn)
疑難解答
圖片精選
網(wǎng)友關(guān)注
