总结asp.net的身份验证方式
2009-04-06 13:38
375 查看
asp.net提供了3种认证方式: windows身份验证, Forms验证和Passport验证.
windows身份验证: IIS根据应用程序的设置执行身份验证.要使用这种验证方式,在IIS中必须禁用匿名访问.
Forms验证:用Cookie来保存用户凭证,并将未经身份验证的用户重定向到自定义的登录页.
Passport验证:通过Microsoft的集中身份验证服务执行的,他为成员站点提供单独登录和核心配置文件服务.
一. 配置windows身份验证
1)配置IIS设置
<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
<appSettings/>
<connectionStrings/>
<!--允许匿名用户登录register.aspx页-->
<location path="register.aspx">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="true"/>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Forms">
<forms name="auth" loginUrl="login.aspx" timeout="30" protection="All" path="/"></forms>
</authentication>
<!--禁止匿名用户登录-->
<authorization>
<deny users="?"/>
</authorization>
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
</system.web>
</configuration>
2)登录页面代码
login.aspx
1
3<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
4
5<html xmlns="http://www.w3.org/1999/xhtml" >
6<head runat="server">
7 <title>Untitled Page</title>
8</head>
9<body>
10 <form id="form1" runat="server">
11 <div>
12 <asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
13 <asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="登陆" /></div>
14 </form>
15</body>
16</html>
1using System;
2using System.Data;
3using System.Configuration;
4using System.Collections;
5using System.Web;
6using System.Web.Security;
7using System.Web.UI;
8using System.Web.UI.WebControls;
9using System.Web.UI.WebControls.WebParts;
10using System.Web.UI.HtmlControls;
11
12public partial class login : System.Web.UI.Page
13
三.配置Passport身份认证
需要安装Passport Software Developer Kit.这种认证方式适合于跨站之间的应用,用户只有一个用户名和密码可以访问任何成员站。
附msdn文章:
Expain Windows Authorization http://msdn.microsoft.com/library/en-us/dnpag2/html/PAGExplained0001.asp
Expain Form Authorization http://msdn.microsoft.com/library/en-us/dnpag2/html/PAGExplained0002.asp
windows身份验证: IIS根据应用程序的设置执行身份验证.要使用这种验证方式,在IIS中必须禁用匿名访问.
Forms验证:用Cookie来保存用户凭证,并将未经身份验证的用户重定向到自定义的登录页.
Passport验证:通过Microsoft的集中身份验证服务执行的,他为成员站点提供单独登录和核心配置文件服务.
一. 配置windows身份验证
1)配置IIS设置
<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
<appSettings/>
<connectionStrings/>
<!--允许匿名用户登录register.aspx页-->
<location path="register.aspx">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="true"/>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Forms">
<forms name="auth" loginUrl="login.aspx" timeout="30" protection="All" path="/"></forms>
</authentication>
<!--禁止匿名用户登录-->
<authorization>
<deny users="?"/>
</authorization>
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
</system.web>
</configuration>
2)登录页面代码
login.aspx
1
3<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
4
5<html xmlns="http://www.w3.org/1999/xhtml" >
6<head runat="server">
7 <title>Untitled Page</title>
8</head>
9<body>
10 <form id="form1" runat="server">
11 <div>
12 <asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
13 <asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="登陆" /></div>
14 </form>
15</body>
16</html>
1using System;
2using System.Data;
3using System.Configuration;
4using System.Collections;
5using System.Web;
6using System.Web.Security;
7using System.Web.UI;
8using System.Web.UI.WebControls;
9using System.Web.UI.WebControls.WebParts;
10using System.Web.UI.HtmlControls;
11
12public partial class login : System.Web.UI.Page
13
三.配置Passport身份认证
需要安装Passport Software Developer Kit.这种认证方式适合于跨站之间的应用,用户只有一个用户名和密码可以访问任何成员站。
附msdn文章:
Expain Windows Authorization http://msdn.microsoft.com/library/en-us/dnpag2/html/PAGExplained0001.asp
Expain Form Authorization http://msdn.microsoft.com/library/en-us/dnpag2/html/PAGExplained0002.asp
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 总结asp.net的身份验证方式
- 总结asp.net的身份验证方式
- 总结asp.net的身份验证方式
- 总结asp.net的身份验证方式
- asp.net身份验证的几种方式总结
- 总结asp.net的身份验证方式
- asp.net中web用户身份验证的一种方式。
- ASP.NET Web 应用程序的身份验证方式
- ASP.net的身份验证方式有哪些?分别是什么原理?
- asp.net身份验证方式
- asp.net身份验证方式
- ASP.NET的Web.config文件中可配置哪些身份验证方式
- [转] ASP.net的身份验证方式有哪些?分别是什么原理?-asp.net关注
- asp.net中常用的几种身份验证方式
- asp.net身份验证方式
- asp.net中几种常用的身份验证方法总结
- ASP.net的身份验证方式有哪些?分别是什么原理?
- ASP.NET身份验证的几种方式
- asp.net中常用的几种身份验证方式
- ASP.NET的身份验证方式有哪些