帮助:验证码 [英] HELP: Authentication code
问题描述
请帮助....
我遇到了麻烦。在我确认
用户名/密码有效后,在我的登录表格中我这样做:
选择案例iMyPrivilege
案例0
Dim arrRoles()As String = {" guest"}
Context.User = New
System.Security.Principal.GenericPrincipal(User .Id entity,arrRoles)
案例1
Dim arrRoles()As String = {" guest"," user"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity,arrRoles)
案例2
Dim arrRoles() As String = {" guest"," user"" admin"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id实体,arrRoles)
结束选择
在我的Global.asax.vb中我有这样的代码:
Sub Application_AuthenticateRequest(ByVal发件人作为对象,ByVal e As
EventArgs)
''尝试验证使用时触发
如果Request.IsAuthenticated那么
如果Context.User.IsInRole(" guest")那么
Response.Write(" GUEST:" &安培; Context.User.Identity.Name)
ElseIf Context.User.IsInRole(" user")然后
Response.Write(" USER:"& Context) .User.Identity.Name)
ElseIf Context.User.IsInRole(" admin")然后
Response.Write(" ADMIN:"& Context。 User.Identity.Name)
Else
Response.Write(" ????:"& Context.User.Identity.Name)
结束如果
结束如果
结束子
问题1:在Application_AuthenticateRequest中
" IsInRole"总是掉到别的地方,就好像它不知道我填写
表单登录。任何想法?
问题2:在我的登录代码中,我实际上有Context.User =外线
案例陈述,但它一直说名称''arrRoles''未被宣布。
即使我在案例陈述中声明了它。任何想法?
谢谢!
" VB Programmer" < GR ********* @ go-intech.com>在消息中写道
新闻:uZ ************** @ TK2MSFTNGP09.phx.gbl ...请帮助...... 。
...
问题1:在Application_AuthenticateRequest中,对于
IsInRole的If语句。总是掉到别的地方,就像它不知道我为表格登录填写的
。有任何想法吗?
请记住,HTTP是无状态的,ASP.NET也是如此。当你到达
Application_AuthenticateRequest时,你在Login中所做的一切都消失了。
你需要保留它,可能在Forms身份验证票证中。请参阅我的
回复您之前的帖子,
问题:COntext.User.IsInRole。
问题2:在我的登录代码中我实际上有Context.User =在案件陈述之外,但它一直说名字''arrRoles''没有被宣布。
即使我在案件陈述中声明了它。任何想法?
看起来每个case子句都引入了一个新的范围。您是否注意到
您能够三次声明相同的名称?当那个案例
子句完成时,范围就消失了,在那个
范围内声明的变量也是如此。在选择之前声明您的数组并在每个案例中设置
条款。
-
John Saunders
互联网工程师 jo***********@surfcontrol.com
使用表单身份验证...
1.修改< Web.config>
打开表单身份验证...
<身份验证模式="表单">
< forms name =" .ASPXAUTH" loginUrl = QUOT;&的Login.aspx QUOT; />
< / authentication>
< authorization>
< deny users ="?" />
< / authorization>
在文件结尾前插入添加安全目录的部分....
< location path =" Secured">
< system.web>
< authorization>
<允许roles =" admin" />
< deny users =" *" />
< / authorization>
< /system.web>
< / location>
2. Login.aspx
用户验证后(在db,xml等中...)添加:
系统.Web.Security.FormsAuthentication.RedirectFr omLoginPage(txtUserName.Te
xt.Trim,True)
3. Global.asax.vb
首先添加进口声明Imports System.Security.Principal
然后......
Sub Application_AuthenticateRequest(ByVal sender As Object,ByVal e As
EventArgs)
''试图验证使用时发生火灾
如果Request.IsAuthenticated那么
''获取用户'的角色
Dim cnnMyConnection As SqlConnection = New
SqlConnection(ConfigurationSettings.AppSettings(" M yDsnString"))
Dim cmdMyCmd As SqlCommand = New SqlCommand(" SELECT blah FROM
blah WHERE blah",cnnMyConnection)
Dim drUsers作为SqlDataReader
cnnMyConnection.Open()
drUsers = cmdMyCmd.ExecuteReader
虽然drUsers.Read
Select Case drUsers.GetValue(1)
Case 0''guest(只读)
Dim arrRoles()As String = {" guest"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity,arrRoles)
案例1''用户(启动/停止引擎)
Dim arrRoles()As String = {" guest"," user"}
Context.User =新的
System.Security.Principal.GenericPrincipal(User.Id实体,arrRoles)
案例2''管理员(一切)
Dim arrRoles ()As String = {" guest"," user",
" admin"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity,arrRoles)
结束选择
结束时
cnnMyConnection。关闭()
''如果Context.User.IsInRole(" guest")那么Response.Write(" GUEST"
& Context.User.Identity.Name)
结束如果
End Sub
" VB Programmer" < GR ********* @ go-intech.com>在消息中写道
news:eO **************** @ TK2MSFTNGP10.phx.gbl ...使用表格认证...
.... 3. Global.asax.vb
首先添加进口声明Imports System.Security.Principal
然后。 ..
Sub Application_AuthenticateRequest(ByVal发送者作为对象,ByVal e As
EventArgs)
''试图验证使用时触发
如果Request.IsAuthenticated那么
' '获取用户'的角色
Dim cnnMyConnection As SqlConnection = New
SqlConnection(ConfigurationSettings.AppSettings(" M yDsnString"))
Dim cmdMyCmd As SqlCommand = New SqlCommand(" SELECT) blah FROM
blah WHERE blah",cnnMyConnection)
Dim drUsers As SqlDataReader
cnnMyConnection.Open()
drUsers = cmdMyCmd.ExecuteReader
>当drUsers.Read
Select Case drUsers.GetValue(1)
案例0''客人(只读)
Dim arrRoles()As String = {" guest"}
Context.User = New <系统安全.Principal.GenericPrincipal(User.Id实体,arrRoles)
案例1''用户(启动/停止引擎)
Dim arrRoles()As String = {" guest", " user"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity,arrRoles)
案例2''管理员(一切)
昏暗arrRoles()As String = {" guest"," user",
" admin"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id实体,arrRoles)
结束选择
结束时
cnnMyConnec关闭()
''如果Context.User.IsInRole(" guest")那么Response.Write(" GUEST
" &安培; Context.User.Identity.Name)
结束如果
结束子
您的代码将正常工作,并将继续运行每个请求都在您的网络应用程序的页面中。
。这是很多数据库的工作。
我建议你把数据库代码放到Login中,将结果角色保存在
表单认证的UserData中门票,并在
Application_AuthenticateRequest中检索。
-
John Saunders
互联网工程师
jo***********@surfcontrol.com
PLEASE HELP....
I''m having trouble. In my login form after I''ve verified the
username/password are valid I do this:
Select Case iMyPrivilege
Case 0
Dim arrRoles() As String = {"guest"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity, arrRoles)
Case 1
Dim arrRoles() As String = {"guest", "user"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity, arrRoles)
Case 2
Dim arrRoles() As String = {"guest", "user""admin"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity, arrRoles)
End Select
In my Global.asax.vb I have this code:
Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As
EventArgs)
'' Fires upon attempting to authenticate the use
If Request.IsAuthenticated Then
If Context.User.IsInRole("guest") Then
Response.Write("GUEST: " & Context.User.Identity.Name)
ElseIf Context.User.IsInRole("user") Then
Response.Write("USER: " & Context.User.Identity.Name)
ElseIf Context.User.IsInRole("admin") Then
Response.Write("ADMIN: " & Context.User.Identity.Name)
Else
Response.Write("????: " & Context.User.Identity.Name)
End If
End If
End Sub
PROBLEM 1: In Application_AuthenticateRequest the If statement for
"IsInRole" ALWAYS drops to the Else, like it doesn''t recognize what I filled
in for form login. Any ideas?
PROBLEM 2: In my Login code I actually had "Context.User =" line outside
the case statement but it kept saying "Name ''arrRoles'' is not declared."
even though I did declare it in the case statement. Any ideas?
Thanks!
"VB Programmer" <gr*********@go-intech.com> wrote in message
news:uZ**************@TK2MSFTNGP09.phx.gbl...PLEASE HELP....
...
PROBLEM 1: In Application_AuthenticateRequest the If statement for
"IsInRole" ALWAYS drops to the Else, like it doesn''t recognize what I filled in for form login. Any ideas?
Remember that HTTP is stateless, and so is ASP.NET. By the time you get to
Application_AuthenticateRequest, everything you ever did in Login is gone.
You need to persist it, probably in the Forms Authentication ticket. See my
response to your earlier post, "
Question: COntext.User.IsInRole".
PROBLEM 2: In my Login code I actually had "Context.User =" line outside
the case statement but it kept saying "Name ''arrRoles'' is not declared."
even though I did declare it in the case statement. Any ideas?
It looks like the case clauses each introduce a new scope. Did you notice
that you were able to declare the same name three times? When that case
clause is done, the scope is gone, and so are any variables declared in that
scope. Declare your array before the "Select" and just set it in each Case
clause.
--
John Saunders
Internet Engineer
jo***********@surfcontrol.com
To use forms authentication...
1. Modify <Web.config>
Turn on forms authentication...
<authentication mode="Forms">
<forms name=".ASPXAUTH" loginUrl="Login.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
Insert before the end of the file add the section for Secured dir....
<location path="Secured">
<system.web>
<authorization>
<allow roles="admin"/>
<deny users="*" />
</authorization>
</system.web>
</location>
2. Login.aspx
After user is verified (in db, xml, etc...) add this:
System.Web.Security.FormsAuthentication.RedirectFr omLoginPage(txtUserName.Te
xt.Trim, True)
3. Global.asax.vb
First add imports statement "Imports System.Security.Principal"
Then...
Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As
EventArgs)
'' Fires upon attempting to authenticate the use
If Request.IsAuthenticated Then
'' Get the user''s role
Dim cnnMyConnection As SqlConnection = New
SqlConnection(ConfigurationSettings.AppSettings("M yDsnString"))
Dim cmdMyCmd As SqlCommand = New SqlCommand("SELECT blah FROM
blah WHERE blah", cnnMyConnection)
Dim drUsers As SqlDataReader
cnnMyConnection.Open()
drUsers = cmdMyCmd.ExecuteReader
While drUsers.Read
Select Case drUsers.GetValue(1)
Case 0 '' guest (read only)
Dim arrRoles() As String = {"guest"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity, arrRoles)
Case 1 '' user (start/stop engines)
Dim arrRoles() As String = {"guest", "user"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity, arrRoles)
Case 2 '' admin (everything)
Dim arrRoles() As String = {"guest", "user",
"admin"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity, arrRoles)
End Select
End While
cnnMyConnection .Close()
''If Context.User.IsInRole("guest") Then Response.Write("GUEST "
& Context.User.Identity.Name)
End If
End Sub
"VB Programmer" <gr*********@go-intech.com> wrote in message
news:eO****************@TK2MSFTNGP10.phx.gbl...To use forms authentication...
.... 3. Global.asax.vb
First add imports statement "Imports System.Security.Principal"
Then...
Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As
EventArgs)
'' Fires upon attempting to authenticate the use
If Request.IsAuthenticated Then
'' Get the user''s role
Dim cnnMyConnection As SqlConnection = New
SqlConnection(ConfigurationSettings.AppSettings("M yDsnString"))
Dim cmdMyCmd As SqlCommand = New SqlCommand("SELECT blah FROM
blah WHERE blah", cnnMyConnection)
Dim drUsers As SqlDataReader
cnnMyConnection.Open()
drUsers = cmdMyCmd.ExecuteReader
While drUsers.Read
Select Case drUsers.GetValue(1)
Case 0 '' guest (read only)
Dim arrRoles() As String = {"guest"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity, arrRoles)
Case 1 '' user (start/stop engines)
Dim arrRoles() As String = {"guest", "user"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity, arrRoles)
Case 2 '' admin (everything)
Dim arrRoles() As String = {"guest", "user",
"admin"}
Context.User = New
System.Security.Principal.GenericPrincipal(User.Id entity, arrRoles)
End Select
End While
cnnMyConnection .Close()
''If Context.User.IsInRole("guest") Then Response.Write("GUEST " & Context.User.Identity.Name)
End If
End Sub
Your code will work fine, and will run on every request made to a page in
your web application. That''s a lot of database work.
I suggest you put the database code into Login, save the resultant roles in
the UserData of the Forms Authentication Ticket, and retrieve them in
Application_AuthenticateRequest.
--
John Saunders
Internet Engineer
jo***********@surfcontrol.com
这篇关于帮助:验证码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
