asp.net表单身份验证 [英] asp.net form authentication

问题描述

我是ASP.NET的新手，我刚创建了一个需要用户登录的ASP.NET应用程序。我正在使用无cookie的基于表单的身份验证。这会将cookie存储在URL中，而不是将其存储在客户端计算机上。但无论如何，它都要求浏览器接受cookie。如果浏览器不接受cookie，它就不起作用。我想知道是否有一种方法我可以一起使用cookie并且仍然可以使用表单身份验证。而且我也不想在查询字符串中使用/存储用户信息。

I am new to ASP.NET and I just created an ASP.NET application that requires user login. I am using Form based authentication that is cookieless. This stores the cookie in the URL rather than storing it on the client machine. But in any way it requires that cookies be accepted by browsers. And it doesn''t work if browser doesn''t accept cookies. I was wondering if there is a way I could get away with cookies all together and still be able to use Form Authentication. And also I don''t want to use/store user information in query string either.

推荐答案

嗨!!!在这里你可以找到你的答案。



http：// www .dotnetfunda.com / articles / article141.aspx [ ^ ]

Hi !!! here you can find your answer.

http://www.dotnetfunda.com/articles/article141.aspx[^]

使用表单认证时，需要使用身份验证令牌来标识返回的用户，以便可以向他提供其会话信息。



如果我们使用cookies，那么这些信息将以cookie的形式存储在用户浏览器中。如果我们使用cookieless，则此信息将存储在用户URL中。我不知道有任何第三种行为。



当我们使用cookieless时，即当这些信息存储在URL中时，不需要在客户端启用cookie。因此，即使是使用已禁用cookie的用户也可以访问会话信息。



有关表单身份验证和会话的更多详细信息，请参阅这两篇文章。



了解会话ASP.NET中的管理技术 [ ^ ]

了解和实现ASP.NET自定义表单身份验证 [ ^ ]

When you use forms authetication, an authentication token is required to identify the returning user so that his session information can be provided to him.

If we use cookies then this information will be put in form of cookie in the users browser. If we use cookieless then this information will be stored in the Users URL. I am not aware of any third behavior.

When we use cookieless i.e. when this information is stored in the URL the cookies are not required to be enabled on client side. So even the users with disabled cookies will be able to access session information.

Please refer to these 2 articles for more details on forms authentication and sessions.

Understanding Session Management Techniques in ASP.NET[^]
Understanding and Implementing ASP.NET Custom Forms Authentication[^]

这篇关于asp.net表单身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！