惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

AI
AI
Engineering at Meta
Engineering at Meta
T
The Blog of Author Tim Ferriss
Latest news
Latest news
Microsoft Azure Blog
Microsoft Azure Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Simon Willison's Weblog
Simon Willison's Weblog
M
MIT News - Artificial intelligence
V
Visual Studio Blog
N
Netflix TechBlog - Medium
P
Palo Alto Networks Blog
C
Cybersecurity and Infrastructure Security Agency CISA
阮一峰的网络日志
阮一峰的网络日志
P
Proofpoint News Feed
G
Google Developers Blog
MongoDB | Blog
MongoDB | Blog
V
Vulnerabilities – Threatpost
AWS News Blog
AWS News Blog
美团技术团队
博客园 - 聂微东
The GitHub Blog
The GitHub Blog
Stack Overflow Blog
Stack Overflow Blog
The Hacker News
The Hacker News
C
CXSECURITY Database RSS Feed - CXSecurity.com
L
Lohrmann on Cybersecurity
B
Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
爱范儿
爱范儿
Hacker News - Newest:
Hacker News - Newest: "LLM"
Hugging Face - Blog
Hugging Face - Blog
O
OpenAI News
W
WeLiveSecurity
Cisco Talos Blog
Cisco Talos Blog
Google Online Security Blog
Google Online Security Blog
T
Tenable Blog
Attack and Defense Labs
Attack and Defense Labs
C
Cisco Blogs
G
GRAHAM CLULEY
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Y
Y Combinator Blog
Microsoft Security Blog
Microsoft Security Blog
Help Net Security
Help Net Security
The Last Watchdog
The Last Watchdog
S
Security @ Cisco Blogs
C
CERT Recently Published Vulnerability Notes
博客园 - 【当耐特】
T
Troy Hunt's Blog
Cloudbric
Cloudbric
IT之家
IT之家

博客园 - wdx2008

ORM框架 sql语句字符串处理大全 - wdx2008 - 博客园 收集的ASP.NET中常用正则表达式 - wdx2008 - 博客园 web.config详解 教你合理设计数据表,将优化进行到底 为你的mail server增加SPF记录 马云在《赢在中国》对创业者的经典点评 给不同文件夹设置主题并指定其编码 - wdx2008 - 博客园 在线支付类封装 - wdx2008 - 博客园 SET XACT_ABORT各种用法及显示结果 ASP.NET邮件外发 asp.net Request.ServerVariables 各参数说明集合 - wdx2008 sql清除事务日志命令 js不允许单独打开left.aspx或top.apsx - wdx2008 - 博客园 ASP.NET2.0 TreeView的数据库绑定 - wdx2008 - 博客园 forms验证:怎么验证两种身份? 收藏的一些ASP.net 2.0资料 关于asp.net 2.0的用户、角色管理总结(转) - wdx2008 - 博客园 開源圖表控件ZedGraph
Forms 验证进行角色控制全攻略
wdx2008 · 2007-06-19 · via 博客园 - wdx2008

http://blog.csdn.net/lzumcj_pa18/archive/2004/06/30/30575.aspx

原作:lzumcj

说明:曾经想做一个类似于 Windows 2000 / XP 等的可分组角色控制,找了诸多资料未过。后终于在 misrosoft 的网站找到一篇英文的相关资料,看过后付诸于实践,成功!总结与此,以享后人。

1。配置IIS,允许匿名访问。
2。配置 Asp.Net 的验证模式为 Forms 。
<!-- web.config -->
<authentication mode="Forms">
<forms name="MyAppFormsAuth"
loginUrl="login.aspx"
protection="Encryption"
timeout="20"
path="/" >
</forms>
</authentication>
3。创建登录页面,并验证提供的信任状(credentials)。
4。从自定义的数据存储中获得角色列表(role list)。
5。创建 Forms authentication ticket (store roles in the ticket)。
// This event handler executes when the user clicks the Logon button
// having supplied a set of credentials
private void Logon_Click(object sender, System.EventArgs e)
{
// Validate credentials against either a SQL Server database
// or Active Directory
bool isAuthenticated = true;
if (isAuthenticated == true )
{
// Retrieve the set of roles for this user from the SQL Server
// database or Active Directory. The roles are returned as a
// string that contains pipe separated role names
// for example "Manager|Employee|Sales|"
// This makes it easy to store them in the authentication ticket
//string roles = RetrieveRoles( txtUserName.Text, txtPassword.Text);
string roles = "admin";
// Create the authentication ticket and store the roles in the
// custom UserData property of the authentication ticket
FormsAuthenticationTicket authTicket = new
FormsAuthenticationTicket(
1, // version
txtUserName.Value, // user name
DateTime.Now, // creation
DateTime.Now.AddMinutes(20),// Expiration
false, // Persistent
roles ); // User data
// Encrypt the ticket.
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
// Create a cookie and add the encrypted ticket to the
// cookie as data.
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName,encryptedTicket);
// Add the cookie to the outgoing cookies collection.
Response.Cookies.Add(authCookie);
// Redirect the user to the originally requested page
Response.Redirect( FormsAuthentication.GetRedirectUrl(txtUserName.Value,false ));
}
}
6。创建 IPrincipal 对象。
7。Put the IPrincipal object into the current HTTP context.
<!-- Global.asax -->
<%@ Application language="C#" %>
<%@ import namespace="System.Security.Principal" %>
<script runat="server">
protected void Application_AuthenticateRequest(Object sender , EventArgs e)
{
// Extract the forms authentication cookie
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = Context.Request.Cookies[cookieName];
if(null == authCookie)
{
// There is no authentication cookie.
return;
}
FormsAuthenticationTicket authTicket = null;
try
{
authTicket = FormsAuthentication.Decrypt(authCookie.Value);
}
catch(Exception ex)
{
// Log exception details (omitted for simplicity)
return;
}
if (null == authTicket)
{
// Cookie failed to decrypt.
return;
}
// When the ticket was created, the UserData property was assigned
// a pipe delimited string of role names.
string[] roles = authTicket.UserData.Split(new char[]{'|'});
// Create an Identity object
FormsIdentity id = new FormsIdentity( authTicket );
// This principal will flow throughout the request.
GenericPrincipal principal = new GenericPrincipal(id, roles);
// Attach the new principal object to the current HttpContext object
Context.User = principal;
}
</script>
8。基于用户名/角色成员资格批准用户。
IPrincipal.IsInRole