在.NET 4.5.1认证的变化 [英] Authentication changes in .NET 4.5.1

问题描述

我有一定的了解的 .NET 4.5 ，但全新的为 4.5.1 。因为我读，他们有一对夫妇的变化，使应用程式上身份，这是大规模网络应用程序很好的工作。

话虽这么说，我需要一个基本的用户名/密码登录系统上的Web应用程序来工作，我想知道，如果这个模板单个用户帐户能正常工作，或者，如果我必须去与无身份验证？请说明您的答案。

解决方案

  

基本的用户名/密码登录系统

单个用户帐户将配置的 ASP.Net身份为您服务。此外，它还会创建基本的登录，注销以及其他额外的模板了。点击了解详情了解更多信息。

不过，如果你只需要简单的 FormAuthentication ，你要选择无身份验证

以下是例子简单的 FormAuthentication

登录方法

 公共无效签到（用户名字符串，布尔createPersistentCookie）
{
    变种现在= DateTime.UtcNow.ToLocalTime（）;
    时间跨度expirationTimeSpan = FormsAuthentication.Timeout;    VAR票=新的FormsAuthenticationTicket（
        1 / *版* /，
        用户名，
        现在，
        now.Add（expirationTimeSpan）
        createPersistentCookie，
         /*用户数据*/，
        FormsAuthentication.FormsCookiePath）;    VAR的encryptedTicket = FormsAuthentication.Encrypt（票）;    VAR饼干=新的HttpCookie（FormsAuthentication.FormsCookieName，
        encryptedTicket中）
    {
        仅Http = TRUE，
        安全= FormsAuthentication.RequireSSL，
        路径= FormsAuthentication.FormsCookiePath
    };    如果（ticket.IsPersistent）
    {
        cookie.Expires = ticket.Expiration;
    }
    如果（FormsAuthentication.CookieDomain！= NULL）
    {
        cookie.Domain = FormsAuthentication.CookieDomain;
    }    Response.Cookies.Add（饼干）;
}
 

的Global.asax.cs

您需要这一点是为了检索cookie的用户名，并将其保存在IPrincipal对象。

 公共类全球：一个HttpApplication
{
    私人无效Application_AuthenticateRequest（对象发件人，EventArgs的发送）
    {
        的HttpCookie decryptedCookie =
            Context.Request.Cookies [FormsAuthentication.FormsCookieName]        的FormsAuthenticationTicket票=
            FormsAuthentication.Decrypt（decryptedCookie.Value）;        VAR身份=新的GenericIdentity（ticket.Name）;
        VAR本金=新的GenericPrincipal（身份证，NULL）;        HttpContext.Current.User =本金;
        = Thread.CurrentPrincipal中HttpContext.Current.User;
    }
}
 

的web.config

请确保您有在web.config中的认证标记。

例如，

 ＆LT;身份验证模式=表格＆GT;
   ＆LT;形式loginUrl =〜/帐号/登录/＆GT;
＆LT; /认证＆GT;
 

用法

 公众的ActionResult指数（）
{
    VAR用户名= User.Identity.Name;    返回查看（）;
}
 

I have some knowledge on .NET 4.5, but totally new to 4.5.1. As I read, they have a couple of changes so that apps work with Identity, which is nice for scale web apps.

That being said, I need to work on a web app with a basic user/password login system and I'm wondering if this template Individual User Accounts can work, or if I have to go with No Authentication? Please explain your answer.

解决方案

basic user/password login system

Individual User Accounts will configure ASP.Net Identity for you. In addition, it will also create basic login, logout and other extra templates too. Click on Learn more for more information.

However, if you just need simple FormAuthentication, you want to select No Authentication.

The following is the example of simple FormAuthentication.

Sign-In method

public void SignIn(string username, bool createPersistentCookie)
{
    var now = DateTime.UtcNow.ToLocalTime();
    TimeSpan expirationTimeSpan = FormsAuthentication.Timeout;

    var ticket = new FormsAuthenticationTicket(
        1 /*version*/,
        username,
        now,
        now.Add(expirationTimeSpan),
        createPersistentCookie,
        "" /*userData*/,
        FormsAuthentication.FormsCookiePath);

    var encryptedTicket = FormsAuthentication.Encrypt(ticket);

    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, 
        encryptedTicket)
    {
        HttpOnly = true,
        Secure = FormsAuthentication.RequireSSL,
        Path = FormsAuthentication.FormsCookiePath
    };

    if (ticket.IsPersistent)
    {
        cookie.Expires = ticket.Expiration;
    }
    if (FormsAuthentication.CookieDomain != null)
    {
        cookie.Domain = FormsAuthentication.CookieDomain;
    }

    Response.Cookies.Add(cookie);
}

Global.asax.cs

You need this in order to retrieve the username from cookie, and save it in IPrincipal Object.

public class Global : HttpApplication
{
    private void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        HttpCookie decryptedCookie =
            Context.Request.Cookies[FormsAuthentication.FormsCookieName];

        FormsAuthenticationTicket ticket =
            FormsAuthentication.Decrypt(decryptedCookie.Value);

        var identity = new GenericIdentity(ticket.Name);
        var principal = new GenericPrincipal(identity, null);

        HttpContext.Current.User = principal;
        Thread.CurrentPrincipal = HttpContext.Current.User;
    }
}

web.config

Make sure you have authentication tag in web.config.

For example,

<authentication mode="Forms">
   <forms loginUrl="~/Account/Login" />
</authentication>

Usage

public ActionResult Index()
{
    var username = User.Identity.Name;

    return View();
}

这篇关于在.NET 4.5.1认证的变化的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！