asp.net form验证
来源:互联网 发布:软件许可证管理 编辑:程序博客网 时间:2024/05/17 09:34
web.config (只有用户信息存放在web.config中,才可以使用FormsAuthentication.Authenticate)
<authentication mode="Forms"> <forms loginUrl="Login.aspx" protection="All" timeout="30" name=".ASPXAUTH" path="/" requireSSL="false" slidingExpiration="true" defaultUrl="Default.aspx" cookieless="UseDeviceProfile" enableCrossAppRedirects="false"> <credentials passwordFormat="Clear"> <user name="xiaobai" password="xiaobai" /> </credentials> </forms> </authentication> <authorization> <deny users="?" /> </authorization>login.aspx
<%@ Page Language="C#" Debug="true" AutoEventWireup="true" CodeFile="Login.aspx.cs" Inherits="Login" %><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head runat="server"> <title>Forms Authentication Login</title></head><body> <form id="LoginForm" runat="server"> <div style="background: #80ff80"> <h3>Login Page</h3> </div> <asp:Label id="Msg" ForeColor="Maroon" runat="server" /> <table border=0> <tbody> <tr> <td>Username:</td> <td><asp:TextBox ID="UserNameTextBox" runat="server" /></td> <td><asp:RequiredFieldValidator id="RequiredFieldValidator1" runat="server" ErrorMessage="*" Display="Static" ControlToValidate="UserNameTextBox" /></td> </tr> <tr> <td>Password:</td> <td><asp:TextBox ID="UserPassTextBox" TextMode="Password" runat="server" /></td> <td><asp:RequiredFieldValidator id="RequiredFieldValidator2" runat="server" ErrorMessage="*" Display="Static" ControlToValidate="UserPassTextBox" /></td> </tr> <tr> <td>Check here if this is <u>not</u><br />a public computer:</td> <td><asp:CheckBox ID="PersistCheckBox" runat="server" AutoPostBack="true" /></td> </tr> </tbody> </table> <input type="submit" value="Login" runat="server" onserverclick="Login_Click" /> </form></body></html>login.aspx.cs
protected void Login_Click(object sender, EventArgs e) { string username = UserNameTextBox.Text; string password = UserPassTextBox.Text; bool isPersistent = PersistCheckBox.Checked; if (FormsAuthentication.Authenticate(username, password)) { FormsAuthentication.RedirectFromLoginPage(username, isPersistent);/* HttpCookie cookie = FormsAuthentication.GetAuthCookie(username, isPersistent); cookie.Expires = DateTime.Now.AddDays(7); Response.Cookies.Add(cookie); Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent);*/ } else throw new Exception("登录失败!!!"); }default.aspx.cs
protected void Logout_Click(object sender, EventArgs e) { FormsAuthentication.SignOut(); FormsAuthentication.RedirectToLoginPage(); }数据库验证
protected void Login_Click(object sender, EventArgs e) { string username = UserNameTextBox.Text; string password = UserPassTextBox.Text; bool isPersistent = PersistCheckBox.Checked; string source = "server=(local);integrated security=SSPI;database=mytest"; string select = "SELECT count(*) FROM [Login] WHERE UserName='" + username + "' AND UserPassword='" + password + "'"; // string update = "UPDATE [Login] set LoginTime=LoginTime+1, LastLogin='" + DateTime.Now + "' WHERE UserName='" + username + "'"; SqlConnection conn = new SqlConnection(source); conn.Open(); SqlCommand cmd = new SqlCommand(select, conn); int count = Convert.ToInt32(cmd.ExecuteScalar()); if (count >= 1) { // cmd = new SqlCommand(update, conn); // cmd.ExecuteNonQuery(); string userData = "ApplicationSpecific data for this user."; FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(1), isPersistent, userData, FormsAuthentication.FormsCookiePath); string encTicket = FormsAuthentication.Encrypt(ticket); Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)); // if (HttpContext.Current.User.IsInRole("Admin")) // ...... Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent)); // 不要使用FormsAuthentication.RedirectFromLoginPage,这个方法会重写cookie。 } else throw new Exception("登录失败!!!"); }Login表
CREATE TABLE [Login] (LoginId smallint IDENTITY(1,1) NOT NULL,UserName nvarchar(20) NOT NULL,UserPassword nvarchar(20) NOT NULL)INSERT INTO [Login] VALUES ('xiaobai', 'xiaobai')角色验证
<!-- 设置目录角色访问权限 --> <location path="Admin"> <system.web> <authorization> <allow roles="Admin"/> <deny users="*"/> </authorization> </system.web> </location>
protected void Login_Click(object sender, EventArgs e) { string username = UserNameTextBox.Text; string password = UserPassTextBox.Text; bool isPersistent = PersistCheckBox.Checked; string source = "server=(local);integrated security=SSPI;database=mytest"; string select = "SELECT count(*) FROM [Login] WHERE UserName='" + username + "' AND UserPassword='" + password + "'"; SqlConnection conn = new SqlConnection(source); conn.Open(); SqlCommand cmd = new SqlCommand(select, conn); int count = Convert.ToInt32(cmd.ExecuteScalar()); if (count >= 1) { string userData = "Admin"; FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(1), isPersistent, userData, FormsAuthentication.FormsCookiePath); string encTicket = FormsAuthentication.Encrypt(ticket); Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)); Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent)); } else throw new Exception("登录失败!!!"); }Global.asax
<%@ Import Namespace="System.Security.Principal" %>protected void Application_AuthenticateRequest(object sender, EventArgs e) { HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName]; if (null == authCookie) return; FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value); string[] roles = authTicket.UserData.Split(new char[] { ',' }); // Context.User = new GenericPrincipal(new FormsIdentity(authTicket), roles); Context.User = new GenericPrincipal(Context.User.Identity, roles); }
- asp.net form验证
- asp.net form验证
- asp.net form验证
- asp.net form验证
- asp.net form验证
- Asp.Net Form验证
- ASP.NET Form 角色验证
- ASP.NET Form验证随笔
- FormsAuthentication:ASP.NET FORM验证
- asp.net的Form验证
- asp.net 特定目录form验证!
- ASP.NET Form验证和角色权限
- ASP.NET表单验证之Form
- Asp.Net 用户验证(自定义IPrincipal和IIdentity) form 验证
- asp.net中基于Form验证的角色授权验证
- asp.net利用js进行form验证表单
- asp.net利用js进行form验证表单
- ASP.net使用Form验证时Ajaxpro的配置
- H. Queries for Number of Palindromes
- Project Euler 35
- A + B Problem II
- FLV视频封装格式详解
- ubuntu git 升级
- asp.net form验证
- PostgreSQL学习手册(模式Schema)
- 设计模式之工厂方法模式
- VS调试时显示FbxString内容
- Eclipse使用
- 追MM与Java的23种设计模式
- git参考资料汇总
- getchar() 的其他用法
- RTMP数据流提取RTMP视频流组成H264视频文件