基于Form的web身份验证--C#实施攻略
2011-07-27 16:34
CustomIdentity类:
FormsAuthenticationUtil类:
UserPrincipal类:
PageBaseHelper类:
PageBase类:
UserIdentity类:
Global中的配置:
页面中用户名密码验证通过时:
页面注销时:
附加图片:
webconfig 配置:
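using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Security.Principal;
using System.Text;

namespace BIReportCenter.Utility.Authentication
{
    /// <summary>
    /// Base identity that carries the application-defined payload kept in a
    /// forms-authentication ticket.
    /// </summary>
    [Serializable]
    public class CustomIdentity : IIdentity
    {
        /// <summary>
        /// Application-defined user information.
        /// </summary>
        public String UserData { get; set; }

        #region IIdentity Members

        /// <summary>Always "Forms".</summary>
        public virtual string AuthenticationType
        {
            get { return "Forms"; }
        }

        /// <summary>
        /// True only when the identity carries user data. An identity built with
        /// the parameterless constructor has nothing that backs a login, so it
        /// must not report itself as authenticated.
        /// </summary>
        public virtual bool IsAuthenticated
        {
            get { return !string.IsNullOrEmpty(UserData); }
        }

        /// <summary>Always empty in this base class; derived types may override.</summary>
        public virtual string Name
        {
            get { return string.Empty; }
        }

        #endregion

        /// <summary>Creates an identity that carries <paramref name="userData"/>.</summary>
        /// <param name="userData">Application-defined user information.</param>
        public CustomIdentity(string userData)
        {
            UserData = userData;
        }

        /// <summary>Creates an identity without user data (not authenticated).</summary>
        public CustomIdentity()
        {
        }
    }
}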
FormsAuthenticationUtil类:
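using System;
using System.Security.Principal;
using System.Web;
using System.Web.Security;

namespace BIReportCenter.Utility.Authentication
{
    /// <summary>
    /// Builds the application identity from the UserData string of a ticket.
    /// </summary>
    public delegate IIdentity GetCustomIdentityMapper(string userData);

    /// <summary>
    /// Helpers that issue a forms-authentication ticket carrying custom user data
    /// and restore that data into <c>HttpContext.Current.User</c> on later requests.
    /// </summary>
    public class FormsAuthenticationUtil
    {
        #region Public

        /// <summary>
        /// Stores the ticket, then redirects away from the login page to the URL
        /// returned by <c>FormsAuthentication.GetRedirectUrl</c>.
        /// </summary>
        /// <param name="userName">Name written into the ticket.</param>
        /// <param name="userData">Custom data written into the ticket.</param>
        /// <param name="createPersistentCookie">Whether the ticket outlives the browser session.</param>
        /// <param name="strCookiePath">Path recorded in the ticket; null selects the configured forms cookie path.</param>
        public static void RedirectFromLoginPage(string userName, string userData, bool createPersistentCookie, string strCookiePath)
        {
            RedirectFromLoginPageMain(userName, userData, createPersistentCookie, strCookiePath);
        }

        /// <summary>
        /// Stores the ticket, then redirects away from the login page, using the
        /// configured forms cookie path.
        /// </summary>
        /// <param name="userName">Name written into the ticket.</param>
        /// <param name="userData">Custom data written into the ticket.</param>
        /// <param name="createPersistentCookie">Whether the ticket outlives the browser session.</param>
        public static void RedirectFromLoginPage(string userName, string userData, bool createPersistentCookie)
        {
            RedirectFromLoginPageMain(userName, userData, createPersistentCookie, null);
        }

        /// <summary>
        /// Stores the ticket, using the configured forms cookie path.
        /// </summary>
        /// <param name="userName">Name written into the ticket.</param>
        /// <param name="userData">Custom data written into the ticket.</param>
        /// <param name="createPersistentCookie">Whether the ticket outlives the browser session.</param>
        public static void SetAuthCookie(string userName, string userData, bool createPersistentCookie)
        {
            SetAuthCookieMain(userName, userData, createPersistentCookie, null);
        }

        /// <summary>
        /// Stores the ticket.
        /// </summary>
        /// <param name="userName">Name written into the ticket.</param>
        /// <param name="userData">Custom data written into the ticket.</param>
        /// <param name="createPersistentCookie">Whether the ticket outlives the browser session.</param>
        /// <param name="strCookiePath">Path recorded in the ticket; null selects the configured forms cookie path.</param>
        public static void SetAuthCookie(string userName, string userData, bool createPersistentCookie, string strCookiePath)
        {
            SetAuthCookieMain(userName, userData, createPersistentCookie, strCookiePath);
        }

        /// <summary>
        /// Reads the custom data from the current user's ticket and installs the
        /// mapped identity as <c>HttpContext.Current.User</c>. When no usable
        /// ticket data is found the current user is reset to null.
        /// </summary>
        /// <param name="customIdentityMapper">Builds the identity from the ticket's UserData.</param>
        /// <exception cref="ArgumentNullException"><paramref name="customIdentityMapper"/> is null.</exception>
        public static void GetFormTicketData(GetCustomIdentityMapper customIdentityMapper)
        {
            if (customIdentityMapper == null)
            {
                throw new ArgumentNullException("customIdentityMapper");
            }

            HttpContext context = HttpContext.Current;
            IPrincipal current = context.User;

            if (current != null && current.Identity.IsAuthenticated)
            {
                var formsIdentity = current.Identity as FormsIdentity;
                if (formsIdentity != null)
                {
                    FormsAuthenticationTicket ticket = formsIdentity.Ticket;
                    if (!FormsAuthentication.CookiesSupported)
                    {
                        // Cookieless mode: SetAuthCookieMain stored the encrypted custom
                        // ticket as the *name* of the framework ticket, so unwrap it here.
                        ticket = DecryptOrNull(formsIdentity.Ticket.Name);
                    }

                    if (ticket != null && !string.IsNullOrEmpty(ticket.UserData))
                    {
                        // Build the current identity from the data parsed out of the ticket.
                        context.User = new UserPrincipal((IIdentity)customIdentityMapper(ticket.UserData));
                        return;
                    }
                }
            }

            // Fail closed: anything else leaves the request without a user.
            context.User = null;
        }

        #endregion

        #region Private

        private FormsAuthenticationUtil()
        {
        }

        /// <summary>
        /// Decrypts an encrypted ticket string; a value the framework rejects is
        /// reported as null so the caller treats the request as unauthenticated
        /// instead of failing with an unhandled exception.
        /// </summary>
        private static FormsAuthenticationTicket DecryptOrNull(string encryptedTicket)
        {
            try
            {
                return FormsAuthentication.Decrypt(encryptedTicket);
            }
            catch (ArgumentException)
            {
                return null;
            }
        }

        private static void RedirectFromLoginPageMain(string userName, string userData, bool createPersistentCookie, string strCookiePath)
        {
            SetAuthCookieMain(userName, userData, createPersistentCookie, strCookiePath);
            HttpContext.Current.Response.Redirect(FormsAuthentication.GetRedirectUrl(userName, createPersistentCookie));
        }

        /// <summary>
        /// Creates the ticket.
        /// </summary>
        private static FormsAuthenticationTicket CreateAuthenticationTicket(string userName, string userData, bool createPersistentCookie, string strCookiePath)
        {
            string cookiePath = strCookiePath ?? FormsAuthentication.FormsCookiePath;

            // Timeout configured for the forms cookie.
            int expirationMinutes = GetCookieTimeoutValue();

            // Read the clock once so issue time and expiry derive from the same instant.
            DateTime issuedAt = DateTime.Now;

            return new FormsAuthenticationTicket(
                1,                                      // version
                userName,
                issuedAt,                               // issue time
                issuedAt.AddMinutes(expirationMinutes), // expiry
                createPersistentCookie,                 // persistent ticket?
                userData,                               // custom user data
                cookiePath);                            // path the ticket is valid for
        }

        /// <summary>
        /// Returns the configured forms-authentication timeout, in minutes.
        /// </summary>
        private static int GetCookieTimeoutValue()
        {
            return Convert.ToInt32(FormsAuthentication.Timeout.TotalMinutes);
        }

        /// <summary>
        /// Creates the ticket and stores it in a cookie or, in cookieless mode, in the URI.
        /// </summary>
        private static void SetAuthCookieMain(string userName, string userData, bool createPersistentCookie, string strCookiePath)
        {
            FormsAuthenticationTicket ticket = CreateAuthenticationTicket(userName, userData, createPersistentCookie, strCookiePath);

            // Encrypt the ticket.
            string encryptedTicket = FormsAuthentication.Encrypt(ticket);

            if (!FormsAuthentication.CookiesSupported)
            {
                // Cookieless mode: the ticket travels in the URI. A ticket in the URL can
                // end up in server logs, Referer headers and shared links, so prefer
                // cookie-only configuration where the deployment allows it.
                FormsAuthentication.SetAuthCookie(encryptedTicket, createPersistentCookie);
                return;
            }

            // The cookie name defaults to .ASPXAUTH and is set on the <forms> element in web.config.
            var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);

            // A hand-built HttpCookie starts with none of the protections that
            // FormsAuthentication.SetAuthCookie applies, so apply them explicitly.
            authCookie.HttpOnly = true;                          // keep the ticket away from page script
            authCookie.Secure = FormsAuthentication.RequireSSL;  // honour <forms requireSSL="...">
            if (FormsAuthentication.CookieDomain != null)
            {
                // Same domain that FormsAuthentication.SignOut uses when clearing the cookie.
                authCookie.Domain = FormsAuthentication.CookieDomain;
            }

            if (ticket.IsPersistent)
            {
                authCookie.Expires = ticket.Expiration;
            }

            HttpContext.Current.Response.Cookies.Add(authCookie);
        }

        #endregion
    }
}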
UserPrincipal类:
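using System;
using System.Collections.Generic;
using System.Collections;
using System.Linq;
using System.Web;
using System.Security.Principal;

namespace BIReportCenter.Utility.Authentication
{
    /// <summary>
    /// Principal that wraps the identity of the current request's user.
    /// </summary>
    public class UserPrincipal : IPrincipal
    {
        #region IPrincipal Members

        protected IIdentity _IIdentity;

        /// <summary>
        /// Reports role membership. This principal holds no role data, so it denies
        /// every role: answering true for any role name would let every signed-in
        /// user pass every role-based authorization check. Override in a derived
        /// principal that actually knows the user's roles.
        /// </summary>
        /// <param name="role">Role name being checked.</param>
        /// <returns>Always false in this class.</returns>
        public virtual bool IsInRole(string role)
        {
            return false;
        }

        /// <summary>Identity of the user this principal represents; may be null.</summary>
        public IIdentity Identity
        {
            get { return _IIdentity; }
            set { this._IIdentity = value; }
        }

        #endregion

        /// <summary>
        /// Creates a principal for the given identity.
        /// </summary>
        /// <param name="iIdentity">Identity of the user making the current request.</param>
        public UserPrincipal(IIdentity iIdentity)
        {
            this._IIdentity = iIdentity;
        }

        /// <summary>Creates a principal without an identity.</summary>
        public UserPrincipal()
        {
            this._IIdentity = null;
        }
    }
}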
PageBaseHelper类:
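using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using BIReportCenter.Utility.Authentication;

namespace BIReportCenter.UI.ReportAdmin.WebUtilities
{
    /// <summary>
    /// Static access to the signed-in user for code that does not derive from the page base class.
    /// </summary>
    public static class PageBaseHelper
    {
        /// <summary>
        /// Identity of the current user, or null when the request's user is not a
        /// <see cref="UserPrincipal"/> holding a <see cref="UserIdentity"/>.
        /// </summary>
        public static UserIdentity CurrentUserInfo
        {
            get
            {
                var user = HttpContext.Current.User as UserPrincipal;
                return user == null ? null : user.Identity as UserIdentity;
            }
        }

        /// <summary>
        /// Re-issues the authentication ticket from the current user's identity.
        /// </summary>
        /// <exception cref="InvalidOperationException">No user is signed in on this request.</exception>
        public static void UpdateAuthCookie()
        {
            // Read the property once: it is recomputed on each access and is null for
            // a request without a signed-in user, which previously surfaced as a
            // NullReferenceException.
            UserIdentity current = CurrentUserInfo;
            if (current == null)
            {
                throw new InvalidOperationException("No signed-in user: the authentication cookie cannot be refreshed.");
            }

            FormsAuthenticationUtil.SetAuthCookie(current.UserName, current.ToString(), false);
        }
    }
}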
PageBase类:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using BIReportCenter.UI.ReportAdmin.WebUtilities;
using BIReportCenter.Utility.Authentication;

namespace AnalysisReports.WebUtilities
{
    /// <summary>
    /// Base class for pages that require a signed-in user.
    /// </summary>
    public class PageBase : System.Web.UI.Page
    {
        /// <summary>
        /// Sends requests without a signed-in user to the login page before the
        /// page initialises.
        /// </summary>
        protected override void OnInit(EventArgs e)
        {
            UserIdentity signedInUser = CurrentUserInfo;
            if (signedInUser == null)
            {
                // The single-argument Redirect ends the response, so the rest of the
                // page life cycle does not run for an anonymous request.
                Response.Redirect("~/Login.aspx");
            }

            base.OnInit(e);
        }

        /// <summary>
        /// Identity of the current user, or null when the page's user is not a
        /// <see cref="UserPrincipal"/> holding a <see cref="UserIdentity"/>.
        /// </summary>
        public UserIdentity CurrentUserInfo
        {
            get
            {
                var principal = User as UserPrincipal;
                return principal == null ? null : principal.Identity as UserIdentity;
            }
        }
    }
}
UserIdentity类:
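using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Security.Principal;
using System.Text;

namespace BIReportCenter.UI.ReportAdmin.WebUtilities
{
    /// <summary>
    /// Identity of a signed-in user, serialised into the ticket's UserData as
    /// <c>UserId≮UserName≮UserRealName</c>.
    /// </summary>
    [Serializable]
    public class UserIdentity : IIdentity
    {
        // Field separator of the serialised form. UserName must not contain it,
        // otherwise the string cannot be parsed back into the same fields.
        private const char Separator = '≮';

        #region Data members

        /// <summary>
        /// UserInfo, Id
        /// </summary>
        public Int32 UserId { get; set; }

        public String UserName { get; set; }

        public String UserRealName { get; set; }

        #endregion

        #region IIdentity Members

        /// <summary>Always "Forms".</summary>
        public virtual string AuthenticationType
        {
            get { return "Forms"; }
        }

        /// <summary>
        /// True only when a user name has been populated, so an identity created
        /// with the parameterless constructor does not count as a login.
        /// </summary>
        public virtual bool IsAuthenticated
        {
            get { return !string.IsNullOrEmpty(UserName); }
        }

        /// <summary>
        /// The user name (empty when none is set), so code that reads
        /// <c>Identity.Name</c>, such as logging or auditing, sees who the user is.
        /// </summary>
        public virtual string Name
        {
            get { return UserName ?? string.Empty; }
        }

        #endregion

        /// <summary>
        /// Rebuilds the identity from its serialised form.
        /// </summary>
        /// <param name="userIdentity">User information string as read from the ticket; null or empty leaves the identity unpopulated.</param>
        /// <exception cref="FormatException">The string does not hold three fields or the id is not an integer.</exception>
        public UserIdentity(string userIdentity)
        {
            if (string.IsNullOrEmpty(userIdentity))
            {
                return;
            }

            // Split into at most three parts so a separator inside the real name
            // stays part of the real name instead of truncating it.
            string[] userInfo = userIdentity.Split(new[] { Separator }, 3);
            if (userInfo.Length < 3)
            {
                throw new FormatException("User identity string must contain three fields.");
            }

            // Invariant culture: the serialised id must parse the same way on every server.
            UserId = int.Parse(
                userInfo[0],
                System.Globalization.NumberStyles.Integer,
                System.Globalization.CultureInfo.InvariantCulture);
            UserName = userInfo[1];
            UserRealName = userInfo[2];
        }

        /// <summary>Creates an unpopulated identity.</summary>
        public UserIdentity()
        {
        }

        /// <summary>
        /// Serialises the identity into the form accepted by the string constructor.
        /// </summary>
        public override string ToString()
        {
            // string.Join writes a null field as an empty string.
            return string.Join(
                Separator.ToString(),
                new[]
                {
                    UserId.ToString(System.Globalization.CultureInfo.InvariantCulture),
                    UserName,
                    UserRealName
                });
        }
    }
}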
Global中的配置:
/// <summary>
/// Runs for each request at the authentication stage: hands the ticket's UserData
/// to FormsAuthenticationUtil together with a mapper that builds a UserIdentity from it.
/// </summary>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    FormsAuthenticationUtil.GetFormTicketData(ticketUserData =>
    {
        return new UserIdentity(ticketUserData);
    });
}
页面中用户名密码验证通过时:
// Issue the ticket only after the credentials have been verified.
// The serialised identity is sent to the browser inside the ticket's UserData, so its
// confidentiality and integrity rest on the <forms protection="..."> setting in web.config.
// The last argument (false) asks for a non-persistent ticket.
FormsAuthenticationUtil.SetAuthCookie(name, userIdentity.ToString(), false);
页面注销时:
// SignOut removes the ticket from the browser only. The ticket is not revoked on the
// server, so a copy captured earlier stays usable until it expires; keep the <forms>
// timeout short where that matters.
FormsAuthentication.SignOut();
附加图片:
webconfig 配置:
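<authentication mode="Forms">
  <!--
    requireSSL="true": the ticket is only accepted and sent over HTTPS, so the site must be
    served over HTTPS. Code that builds the authentication HttpCookie by hand has to copy
    this flag onto the cookie's Secure property itself.
    cookieless="UseCookies": the ticket is never placed in the URL, where it could leak
    through server logs, Referer headers or shared links.
    timeout="120" with slidingExpiration="true" keeps an active session alive indefinitely;
    shorten the timeout if a stolen ticket must expire sooner.
  -->
  <forms name=".ASPXAUTH"
         loginUrl="~/Login.aspx"
         defaultUrl="~/Default.aspx"
         protection="All"
         timeout="120"
         path="/"
         requireSSL="true"
         slidingExpiration="true"
         enableCrossAppRedirects="false"
         cookieless="UseCookies"/>
</authentication>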