ASP.NET MVC - 手动授权人，并通过窗体身份验证坚持授权 [英] MVC ASP.NET - Manually authorize someone and persist the authorization via Forms Authentication

问题描述

我想在ASP.NET窗体身份验证的好处。我希望它坚持对我和这样的授权，但有一件事我的情况不同;我想对一个简单的Web服务（由客户特别规定）进行身份验证。

I want the benefits of form authentication in ASP.NET. I want it to persist the authorization for me and such, but there's one thing different about my situation; I want to authenticate against a simple web service (specifically provided by the client).

我有我的code到位看网络的地方，看看他们的应的授权，但我要如何设置在ASP.NET中的cookie [？]或授权标志他们知道当前用户的授权。

I have my code in place to look at the web place and see if they should be authorized, but how do I set the cookie[?] or authorization flag in ASP.NET that they know the current user is authorized.

基本上...

if (HttpContext.Current.User.Identity.IsAuthenticated)
// we're all good

//Other wise...
bool success = CheckClientsWebService(string username, string password);

if (success)
// Somehow tell .NET that they're authorized

*注：这是一个相当简单的服务，不与组或角色处理。如果用户是好的，查看现场检查简单

*Note: This is a fairly simple service that does not deal with groups or roles. Simply checking if a user is okay to view the site.

推荐答案

在窗体身份验证不是你是个窗体身份验证Cookie谁证明？考虑到这一点不能创建一个自定义登录表单的机票，而无需创建自定义供应商？我肯定会认为你可以。做一个快速测试，并创建一个窗体身份验证票，看看开箱成员提供的认为用户进行身份验证。

In forms authentication isn't the proof of who you are in th forms authentication cookie.? With that in mind couldn't you create the ticket in a custom login form without having to create a custom provider? I would definitely think you could. Do a quick test and create a forms authentication ticket and see if the out of the box membership provider considers the user authenticated.

我是curious--所以这里是一些code ..

I was curious-- so here is some code..

型号

public class SignInViewModel
{
    public string Username { get; set; }
    public string Password { get; set; }
}

控制器

public class SignInController : Controller
{

    public ActionResult Index()
    {
        var model = new SignInViewModel {};
        return View(model);
    }

    [HttpPost]
    public ActionResult Index(SignInViewModel model)
    {
        if (model.Username == "Fred" && model.Password == "Mertz")
        {
            FormsAuthentication.SetAuthCookie(model.Username, false);
            return RedirectToAction("Secure");
        }
        return View(model);
    }

    [Authorize]
    public ActionResult Secure(SignInViewModel model)
    {
        return View();
    }

    [Authorize]
    public ActionResult Logout(SignInViewModel model)
    {
        FormsAuthentication.SignOut();
        return RedirectToAction("Index");
    }

Index.cshtml

@using (Html.BeginForm()) {
    <fieldset>
        <legend>SignInViewModel</legend>

        <div class="editor-label">
            @Html.LabelFor(model => model.Username)
        </div>
        <div class="editor-field">
            @Html.EditorFor(model => model.Username)
            @Html.ValidationMessageFor(model => model.Username)
        </div>

        <div class="editor-label">
            @Html.LabelFor(model => model.Password)
        </div>
        <div class="editor-field">
            @Html.EditorFor(model => model.Password)
            @Html.ValidationMessageFor(model => model.Password)
        </div>

        <p>
            <input type="submit" value="Login" />
        </p>
    </fieldset>
}

Secure.cshtml

<h2>Secure</h2>
@Html.ActionLink("Logout", "Logout")

这篇关于ASP.NET MVC - 手动授权人，并通过窗体身份验证坚持授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！