如何沿着持久性cookie进行会话以进行表单身份验证? [英] How to session along persist cookie for the form authentication?
问题描述
大家好,
我使用持久性Cookie进行表单身份验证.与此同时,我正在代码中使用用户名和密码.因此,我使用了存储用户名和密码的会话对象.但是我在使用像是否检查持久性cookie时感到困惑 那么用户名和密码是否将存储在会话对象中.
I used persist cookie for the form authentication. Along with this I am making use username and password within the code. So I used session object which stores username and password. But I am confused while using like if persist cookie is checked then whether the username and password will be stored in session object.
我想你没听懂,这是我写的代码:
I guess u didnt get, here is the code what I have written:
如果
( == ADS .admin(txtUsername.Text.ToLower(),txtDomain.Text.ToLower()))
(true == ADS.admin(txtUsername.Text.ToLower(), txtDomain.Text.ToLower()))
{
如果 ( == adAuth.IsAuthenticated(txtDomain.Text,txtUsername.Text,txtPassword.Text))
if (true == adAuth.IsAuthenticated(txtDomain.Text, txtUsername.Text, txtPassword.Text))
{
字符串 组= adAuth.GetGroups();
String groups = adAuth.GetGroups();
//创建故障单并添加组.
布尔型 isCookiePersistent = chkPersist.Checked;
bool isCookiePersistent = chkPersist.Checked;
FormsAuthenticationTicket authTicket = 新 FormsAuthenticationTicket (1,txtUsername.Text,
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, txtUsername.Text,
DateTime .现在, DateTime .Now.AddMinutes(60),isCookiePersistent,组);
DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent, groups);
//加密票证.
字符串 encryptionTicket = FormsAuthentication .Encrypt(authTicket);
String encryptedTicket = FormsAuthentication.Encrypt(authTicket);
//创建一个cookie,然后添加Cookie的加密票证作为数据.
HttpCookie authCookie = 新 HttpCookie ( .FormsCookieName, encryptionTicket);
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
如果 ( == isCookiePersistent)
if (true == isCookiePersistent)
authCookie.Expires = authTicket.Expiration;
authCookie.Expires = authTicket.Expiration;
//将Cookie添加到传出的Cookie中集合.
Response.Cookies.Add(authCookie);
Response.Cookies.Add(authCookie);
//您现在可以重定向.
_login =
真 ;
true;
//Response.Redirect(FormsAuthentication.GetRedirectUrl (txtUsername.Text,false));
//Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUsername.Text, false));
}
}
如果 (_login)
if (_login)
{
//Response.Redirect(FormsAuthentication.GetRedirectUrl (txtUsername.Text,false));
会话[
"UserID" ] = txtUsername.Text;
"UserID"] = txtUsername.Text;
会话[
密码" ] = txtPassword.Text;
"Password"] = txtPassword.Text;
Response.Redirect(
Response.Redirect(
"search.aspx" , false );
"search.aspx", false);
}
其他
{
errorLabel.Text =
errorLabel.Text =
认证未成功.检查用户名和密码.
"Authentication did not succeed. Check user name and password.";
}
我在登录"页面上编写的这些代码行.因此,在另一页(即search.aspx页)中,我写的像是
These line of code I have written in Logon page. So while in another page i.e search.aspx page I have written like
如果
(会话[ 空 )
(Session["UserID"] != null)
adminID =会话[
adminID = Session[
"UserID" ].ToString();
"UserID"].ToString();
如果 (会话[ 空 )
if (Session["Password"] != null)
adminPwd =会话[
adminPwd = Session[
密码" ].ToString();
因此,我对于这些行是否感到困惑代码够用还是我需要多几行?
推荐答案
很难理解您的问题是什么,但是我仍然可以发表一些评论.
It is difficult to understand what your question is, but I can make a few comments anyway.
使用FormsAuthentication.SetAuthCookie代替Response.Cookies.Add.
Use FormsAuthentication.SetAuthCookie instead of Response.Cookies.Add.
避免在会话中存储凭据.也许您可以解释为什么您发现它是必要的.
Avoid storing credentials in the session. Maybe you can explain why you found that it was necessary.
ASP.NET支持无cookie身份验证,而无需在会话中手动存储凭据.您会看到FormsAuthentication.SetAuthCookie支持用于无cookie身份验证的URL参数.
ASP.NET supports cookieless authentication without the need to manually store credentials in the session. You will see that the FormsAuthentication.SetAuthCookie supports a URL parameter for cookieless authentication.
我希望能有所帮助.如果没有,您能否解释您要达到的目标.
I hope that helps. If it does not, can you explain what you are trying to achieve.
这篇关于如何沿着持久性cookie进行会话以进行表单身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!