基于Form的web身份验证--C#实施攻略




CustomIdentity类:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Security.Principal;
using System.Text;

namespace BIReportCenter.Utility.Authentication
{
    /// <summary>
    /// Identity whose only payload is an opaque, application-defined string
    /// (intended for the <c>UserData</c> field of a forms-authentication ticket).
    /// </summary>
    [Serializable]
    public class CustomIdentity : IIdentity
    {
        /// <summary>Creates an identity with no user data.</summary>
        public CustomIdentity()
        {
        }

        /// <summary>Creates an identity wrapping <paramref name="userData"/>.</summary>
        /// <param name="userData">Opaque string; stored as-is, may be null.</param>
        public CustomIdentity(string userData)
        {
            this.UserData = userData;
        }

        /// <summary>
        /// Application-defined data. The class neither parses nor validates it.
        /// </summary>
        public string UserData { get; set; }

        #region IIdentity Members

        /// <summary>Always "Forms".</summary>
        public virtual string AuthenticationType
        {
            get { return "Forms"; }
        }

        /// <summary>
        /// Always true. Nothing is verified here, so callers must only construct this
        /// type for a user whose ticket has already been accepted.
        /// </summary>
        public virtual bool IsAuthenticated
        {
            get { return true; }
        }

        /// <summary>Always empty; this identity does not carry a user name.</summary>
        public virtual string Name
        {
            get { return string.Empty; }
        }

        #endregion
    }
}


 

FormAuthenticationUtil类:

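using System;
using System.Security.Principal;
using System.Web;
using System.Web.Security;

namespace BIReportCenter.Utility.Authentication
{
    /// <summary>
    /// Converts the <c>UserData</c> string carried by a forms-authentication ticket into
    /// the <see cref="IIdentity"/> that will represent the request's user.
    /// </summary>
    /// <param name="userData">Ticket user data; <see cref="FormsAuthenticationUtil.GetFormTicketData"/> only invokes this for a non-empty value.</param>
    public delegate IIdentity GetCustomIdentityMapper(string userData);

    /// <summary>
    /// Issues forms-authentication tickets that carry application-defined user data, and
    /// restores <see cref="HttpContext.User"/> from such a ticket on later requests.
    /// All members are static; the class cannot be instantiated.
    /// </summary>
    public class FormsAuthenticationUtil
    {
        #region Public

        /// <summary>
        /// Issues the ticket and then redirects to the URL forms authentication chooses for
        /// this sign-in (the request's ReturnUrl, else the configured default page).
        /// </summary>
        /// <param name="userName">User name stored in the ticket.</param>
        /// <param name="userData">Application data stored in the ticket.</param>
        /// <param name="createPersistentCookie">True to keep the cookie beyond the browser session.</param>
        /// <param name="strCookiePath">Cookie path; null uses <see cref="FormsAuthentication.FormsCookiePath"/>.</param>
        public static void RedirectFromLoginPage(string userName, string userData, bool createPersistentCookie, string strCookiePath)
        {
            RedirectFromLoginPageMain(userName, userData, createPersistentCookie, strCookiePath);
        }

        /// <summary>
        /// Same as <see cref="RedirectFromLoginPage(string, string, bool, string)"/>, using the
        /// configured cookie path.
        /// </summary>
        public static void RedirectFromLoginPage(string userName, string userData, bool createPersistentCookie)
        {
            RedirectFromLoginPageMain(userName, userData, createPersistentCookie, null);
        }

        /// <summary>
        /// Issues the ticket (cookie, or URL when cookies are unsupported) without redirecting,
        /// using the configured cookie path.
        /// </summary>
        public static void SetAuthCookie(string userName, string userData, bool createPersistentCookie)
        {
            SetAuthCookieMain(userName, userData, createPersistentCookie, null);
        }

        /// <summary>
        /// Issues the ticket (cookie, or URL when cookies are unsupported) without redirecting.
        /// </summary>
        /// <param name="userName">User name stored in the ticket.</param>
        /// <param name="userData">Application data stored in the ticket.</param>
        /// <param name="createPersistentCookie">True to keep the cookie beyond the browser session.</param>
        /// <param name="strCookiePath">Cookie path; null uses <see cref="FormsAuthentication.FormsCookiePath"/>.</param>
        public static void SetAuthCookie(string userName, string userData, bool createPersistentCookie, string strCookiePath)
        {
            SetAuthCookieMain(userName, userData, createPersistentCookie, strCookiePath);
        }

        /// <summary>
        /// Replaces <see cref="HttpContext.User"/> with a <see cref="UserPrincipal"/> whose identity
        /// is built by <paramref name="customIdentityMapper"/> from the current ticket's user data.
        /// When the request has no authenticated <see cref="FormsIdentity"/>, the ticket cannot be
        /// read, or it carries no user data, the user is set to null (so any principal set by another
        /// authentication mechanism is discarded as well).
        /// </summary>
        /// <param name="customIdentityMapper">Maps ticket user data to an identity.</param>
        /// <exception cref="ArgumentNullException"><paramref name="customIdentityMapper"/> is null.</exception>
        /// <exception cref="InvalidOperationException">Called outside of a request (no <see cref="HttpContext.Current"/>).</exception>
        public static void GetFormTicketData(GetCustomIdentityMapper customIdentityMapper)
        {
            if (customIdentityMapper == null)
            {
                throw new ArgumentNullException("customIdentityMapper");
            }

            HttpContext context = HttpContext.Current;
            if (context == null)
            {
                throw new InvalidOperationException("GetFormTicketData requires a current HttpContext.");
            }

            FormsAuthenticationTicket ticket = GetCurrentTicket(context);
            if (ticket != null && !string.IsNullOrEmpty(ticket.UserData))
            {
                // The ticket was decrypted and integrity-checked before reaching here (unless
                // <forms protection> was lowered from its default "All"), so UserData is what
                // CreateAuthenticationTicket wrote, not free-form client input.
                context.User = new UserPrincipal(customIdentityMapper(ticket.UserData));
                return;
            }

            context.User = null;
        }

        #endregion

        #region Private

        private FormsAuthenticationUtil()
        {
        }

        /// <summary>
        /// Returns the forms ticket behind the current principal, or null when the principal is
        /// missing, unauthenticated, not a <see cref="FormsIdentity"/>, or (cookieless mode) the
        /// embedded ticket fails to decrypt.
        /// </summary>
        private static FormsAuthenticationTicket GetCurrentTicket(HttpContext context)
        {
            IPrincipal principal = context.User;
            if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
            {
                return null;
            }

            FormsIdentity formsIdentity = principal.Identity as FormsIdentity;
            if (formsIdentity == null)
            {
                return null;
            }

            if (FormsAuthentication.CookiesSupported)
            {
                return formsIdentity.Ticket;
            }

            // Cookieless mode: SetAuthCookieMain stored our encrypted ticket as the *name* of the
            // outer ticket that forms authentication keeps in the URL, so unwrap it here.
            // Decrypt returns null when the value fails validation (and throws ArgumentException
            // for an empty or malformed string), which the caller treats as "not signed in".
            return FormsAuthentication.Decrypt(formsIdentity.Ticket.Name);
        }

        /// <summary>Issues the ticket, then redirects to the post-login URL.</summary>
        private static void RedirectFromLoginPageMain(string userName, string userData, bool createPersistentCookie, string strCookiePath)
        {
            SetAuthCookieMain(userName, userData, createPersistentCookie, strCookiePath);
            HttpContext.Current.Response.Redirect(FormsAuthentication.GetRedirectUrl(userName, createPersistentCookie));
        }

        /// <summary>
        /// Builds the ticket. Times are local, as the <see cref="FormsAuthenticationTicket"/>
        /// constructor expects; the lifetime is the configured forms timeout.
        /// </summary>
        private static FormsAuthenticationTicket CreateAuthenticationTicket(string userName, string userData, bool createPersistentCookie, string strCookiePath)
        {
            string cookiePath = strCookiePath ?? FormsAuthentication.FormsCookiePath;
            int expirationMinutes = GetCookieTimeoutValue();
            // Read the clock once so issue and expiry are computed from the same instant.
            DateTime issued = DateTime.Now;

            return new FormsAuthenticationTicket(
                1,                                      // ticket version
                userName,
                issued,                                 // issue time (local)
                issued.AddMinutes(expirationMinutes),   // expiry (local)
                createPersistentCookie,
                userData,                               // application data (the custom identity)
                cookiePath);
        }

        /// <summary>
        /// Ticket lifetime in minutes, taken from <c>&lt;forms timeout="..."&gt;</c> in web.config
        /// via <see cref="FormsAuthentication.Timeout"/>.
        /// </summary>
        private static int GetCookieTimeoutValue()
        {
            return Convert.ToInt32(FormsAuthentication.Timeout.TotalMinutes);
        }

        /// <summary>
        /// Creates and encrypts the ticket, then stores it in the authentication cookie, or hands it
        /// to forms authentication for URL storage when cookies are unsupported.
        /// </summary>
        private static void SetAuthCookieMain(string userName, string userData, bool createPersistentCookie, string strCookiePath)
        {
            FormsAuthenticationTicket ticket = CreateAuthenticationTicket(userName, userData, createPersistentCookie, strCookiePath);
            // With the default <forms protection="All"> this encrypts and signs the ticket with
            // the machineKey, so the client can neither read nor alter UserData.
            string encryptedTicket = FormsAuthentication.Encrypt(ticket);

            if (!FormsAuthentication.CookiesSupported)
            {
                // No cookie support: let forms authentication carry the encrypted ticket in the URL,
                // using it as the "user name" of the outer ticket (unwrapped in GetCurrentTicket).
                FormsAuthentication.SetAuthCookie(encryptedTicket, createPersistentCookie);
                return;
            }

            // Cookie name defaults to .ASPXAUTH and is set by <forms name="..."> in web.config.
            var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
            // Keep the ticket out of reach of script, and HTTPS-only whenever <forms requireSSL="true">.
            // A hand-built HttpCookie only gets these flags if <httpCookies> in web.config sets them,
            // so set them explicitly here.
            authCookie.HttpOnly = true;
            authCookie.Secure = FormsAuthentication.RequireSSL;
            // Scope the cookie to the path the ticket was issued for.
            authCookie.Path = ticket.CookiePath;
            if (ticket.IsPersistent)
            {
                authCookie.Expires = ticket.Expiration;
            }

            HttpContext.Current.Response.Cookies.Add(authCookie);
        }

        #endregion
    }
}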


 UserPrincipal类:

using System;
using System.Collections.Generic;
using System.Collections;
using System.Linq;
using System.Web;
using System.Security.Principal;

namespace BIReportCenter.Utility.Authentication
{
    /// <summary>
    /// Principal that carries a single <see cref="IIdentity"/> and performs no role checks.
    /// </summary>
    public class UserPrincipal : IPrincipal
    {
        protected IIdentity _IIdentity;

        /// <summary>Creates a principal with no identity.</summary>
        public UserPrincipal()
        {
            _IIdentity = null;
        }

        /// <summary>Creates a principal for the given identity.</summary>
        /// <param name="iIdentity">Identity of the current request's user; may be null.</param>
        public UserPrincipal(IIdentity iIdentity)
        {
            _IIdentity = iIdentity;
        }

        #region IPrincipal Members

        /// <summary>Identity of the current request's user; null when none was supplied.</summary>
        public IIdentity Identity
        {
            get { return _IIdentity; }
            set { _IIdentity = value; }
        }

        /// <summary>
        /// Returns true for every role name (including null) regardless of the identity.
        /// This principal therefore grants no authorization of its own: any role-based check
        /// that reaches it (IsInRole, roles in &lt;authorization&gt;) passes unconditionally.
        /// </summary>
        public bool IsInRole(string role)
        {
            return true;
        }

        #endregion
    }
}


PageBaseHelper类:

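using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using BIReportCenter.Utility.Authentication;

namespace BIReportCenter.UI.ReportAdmin.WebUtilities
{
    /// <summary>
    /// Static access to the <see cref="UserIdentity"/> of the current request.
    /// </summary>
    public static class PageBaseHelper
    {
        /// <summary>
        /// Identity of the current user, or null when there is no current request, the request
        /// is not authenticated through <see cref="UserPrincipal"/>, or its identity is not a
        /// <see cref="UserIdentity"/>.
        /// </summary>
        public static UserIdentity CurrentUserInfo
        {
            get
            {
                HttpContext context = HttpContext.Current;
                UserPrincipal principal = context == null ? null : context.User as UserPrincipal;
                return principal == null ? null : principal.Identity as UserIdentity;
            }
        }

        /// <summary>
        /// Re-issues the (non-persistent) authentication cookie from the current identity,
        /// e.g. after the user's profile fields were changed in place.
        /// </summary>
        /// <exception cref="InvalidOperationException">No authenticated <see cref="UserIdentity"/> is on the current request.</exception>
        public static void UpdateAuthCookie()
        {
            // Read the property once so the name and the serialized data come from the same object.
            UserIdentity current = CurrentUserInfo;
            if (current == null)
            {
                // Previously a NullReferenceException; fail with an explicit message instead.
                throw new InvalidOperationException("UpdateAuthCookie requires an authenticated UserIdentity on the current request.");
            }

            FormsAuthenticationUtil.SetAuthCookie(current.UserName, current.ToString(), false);
        }
    }
}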


PageBase类:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using BIReportCenter.UI.ReportAdmin.WebUtilities;
using BIReportCenter.Utility.Authentication;

namespace AnalysisReports.WebUtilities
{
    /// <summary>
    /// Base page that requires a signed-in <see cref="UserIdentity"/>; a request without one
    /// is redirected to the login page during initialization.
    /// </summary>
    public class PageBase : System.Web.UI.Page
    {
        /// <summary>
        /// Identity of the current user, or null when <see cref="System.Web.UI.Page.User"/> is not a
        /// <see cref="UserPrincipal"/> carrying a <see cref="UserIdentity"/>.
        /// </summary>
        public UserIdentity CurrentUserInfo
        {
            get
            {
                var principal = User as UserPrincipal;
                return principal == null ? null : principal.Identity as UserIdentity;
            }
        }

        protected override void OnInit(EventArgs e)
        {
            if (CurrentUserInfo == null)
            {
                // The login URL is hard-coded here and also configured as <forms loginUrl> in
                // web.config; the two must be kept in sync. Response.Redirect(url) ends the
                // response, so base.OnInit is not reached on this path.
                Response.Redirect("~/Login.aspx");
            }

            base.OnInit(e);
        }
    }
}

UserIdentity类:

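using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Web;
using System.Security.Principal;
using System.Text;

namespace BIReportCenter.UI.ReportAdmin.WebUtilities
{
    /// <summary>
    /// Identity of a signed-in user, serialized into the forms-authentication ticket's user
    /// data as <c>UserId≮UserName≮UserRealName</c>.
    /// </summary>
    [Serializable]
    public class UserIdentity : IIdentity
    {
        /// <summary>Field separator used by <see cref="ToString"/> and the parsing constructor.</summary>
        private const char Separator = '≮';

        #region Data members

        /// <summary>UserInfo.Id</summary>
        public Int32 UserId { get; set; }

        public String UserName { get; set; }

        public String UserRealName { get; set; }

        #endregion

        #region IIdentity Members

        /// <summary>Always "Forms".</summary>
        public virtual string AuthenticationType { get { return "Forms"; } }

        /// <summary>
        /// Always true; nothing is verified here, so instances must only be created for a
        /// user whose ticket was already accepted.
        /// </summary>
        public virtual bool IsAuthenticated { get { return true; } }

        /// <summary>Always empty; use <see cref="UserName"/> instead.</summary>
        public virtual string Name { get { return string.Empty; } }

        #endregion

        /// <summary>
        /// Parses the string produced by <see cref="ToString"/>.
        /// </summary>
        /// <param name="userIdentity">Serialized identity read from the ticket; null or empty leaves every field at its default.</param>
        /// <exception cref="FormatException">The string has fewer than three <c>≮</c>-separated fields, or the first field is not an integer.</exception>
        /// <exception cref="OverflowException">The first field does not fit in an <see cref="Int32"/>.</exception>
        public UserIdentity(string userIdentity)
        {
            if (string.IsNullOrEmpty(userIdentity))
            {
                return;
            }

            string[] userInfo = userIdentity.Split(Separator);
            if (userInfo.Length < 3)
            {
                // Previously an IndexOutOfRangeException on a truncated value.
                throw new FormatException("UserIdentity string must contain three '≮'-separated fields.");
            }

            // Invariant culture: the value is machine-written by ToString, never user-entered.
            UserId = int.Parse(userInfo[0], NumberStyles.Integer, CultureInfo.InvariantCulture);
            UserName = userInfo[1];
            UserRealName = userInfo[2];
        }

        public UserIdentity()
        {
        }

        /// <summary>
        /// Serializes the identity for storage in the ticket. Fields are joined with <c>≮</c>
        /// without escaping, so a name that itself contains that character will not round-trip.
        /// </summary>
        public override string ToString()
        {
            var builder = new StringBuilder();
            builder.Append(UserId).Append(Separator);
            builder.Append(UserName).Append(Separator);
            builder.Append(UserRealName);
            return builder.ToString();
        }
    }
}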


 


Global中的配置:

 /// <summary>
 /// Runs on every request: rebuilds HttpContext.Current.User from the forms ticket,
 /// turning the ticket's user-data string into a UserIdentity.
 /// </summary>
 protected void Application_AuthenticateRequest(object sender, EventArgs e)
 {
     GetCustomIdentityMapper mapper = delegate(string userData)
     {
         return new UserIdentity(userData);
     };
     FormsAuthenticationUtil.GetFormTicketData(mapper);
 }

页面中用户名密码验证通过时:

   // After the credentials check passed: issue a session (non-persistent) ticket whose
   // UserData is the serialized UserIdentity.
   FormsAuthenticationUtil.SetAuthCookie(name, userIdentity.ToString(), false);

页面注销时:

            // Removes the forms-authentication ticket (cookie, or URL ticket in cookieless mode).
            FormsAuthentication.SignOut();

附加图片:

webconfig 配置:

 

  <!-- Forms authentication for the ticket issued by FormsAuthenticationUtil.
       protection="All": the ticket is encrypted and signed (the default).
       requireSSL="false": the ticket cookie may be sent over plain HTTP; switch to "true"
         once the site is served over HTTPS so the cookie is restricted to secure connections.
       cookieless="UseDeviceProfile": clients whose browser profile reports no cookie support
         carry the ticket in the URL instead (the FormsAuthentication.CookiesSupported branch).
       slidingExpiration="true", timeout="120": the 120-minute lifetime is renewed on activity. -->
  <authentication mode="Forms">      <forms name=".ASPXAUTH" loginUrl="~/Login.aspx" defaultUrl="~/Default.aspx" protection="All" timeout="120" path="/" requireSSL="false" slidingExpiration="true" enableCrossAppRedirects="false" cookieless="UseDeviceProfile"/>    </authentication>
