FormsAuthentication Roles without Membership


Problem description

I'm trying to use FormsAuthentication and it's working fine at the moment with user name and password. I need to add User Role to the Forms authentication Ticket and I'm not using ASP.NET Membership.

if (rep.CheckUser(model.UserName, model.Password, out UserRole)) // Check user
{
    FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

    // Roles.AddUserToRole(model.UserName, UserRole); // This requires Membership

    return Redirect(FormsAuthentication.DefaultUrl);
}

Solution

The FormsAuthenticationTicket constructor (the one with the most parameters) has a userData parameter which takes a string. It is here that you can add your roles, separated by some character like pipe (|) or hash. How you plan to use it is up to you. What you would normally do is to register the AuthenticateRequest event. So, you could create a ticket this way:

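using System;
using System.Web;
using System.Web.Security;

private void CreateTicket()
{
    var ticket = new FormsAuthenticationTicket(
            version: 1,
            name: UserName,
            issueDate: DateTime.Now,
            // Session.Timeout is expressed in minutes, not seconds.
            expiration: DateTime.Now.AddMinutes(httpContext.Session.Timeout),
            isPersistent: false,
            userData: String.Join("|", arrayOfRoles));

    // Encrypt() produces the protected string that is stored in the cookie.
    var encryptedTicket = FormsAuthentication.Encrypt(ticket);
    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
    {
        HttpOnly = true,                          // keep the ticket away from client script
        Secure = FormsAuthentication.RequireSSL,  // follow the requireSSL setting in web.config
        Path = FormsAuthentication.FormsCookiePath
    };

    httpContext.Response.Cookies.Add(cookie);
}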

After that in global.asax you would do something like this:

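using System;
using System.Security.Principal;
using System.Web;
using System.Web.Security;

public override void Init()
{
    base.AuthenticateRequest += OnAuthenticateRequest;
}

private void OnAuthenticateRequest(object sender, EventArgs eventArgs)
{
    // User can be null here for requests that carry no valid ticket.
    var user = HttpContext.Current.User;
    if (user == null || !user.Identity.IsAuthenticated)
        return;

    var cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (cookie == null || string.IsNullOrEmpty(cookie.Value))
        return;

    // Decrypt() returns the ticket that CreateTicket() stored in the cookie.
    var decodedTicket = FormsAuthentication.Decrypt(cookie.Value);
    if (decodedTicket == null)
        return;

    var roles = decodedTicket.UserData.Split(new[] {"|"}, StringSplitOptions.RemoveEmptyEntries);

    // Replace the role-less principal with one that carries the ticket's roles.
    var principal = new GenericPrincipal(user.Identity, roles);
    HttpContext.Current.User = principal;
}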

Now you have roles in the IPrincipal object (HttpContext.Current.User) and when you query with HttpContext.Current.User.IsUserInRole("RoleName") you will get true or false. That way you should be able to avoid using the Roles provider.

UPDATE: A better event to call in order to handle recreating the User principal is Application_AuthenticateRequest instead of BeginRequest. I have updated the code to reflect this.
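
An added example, not part of the original answer: a small helper that packs roles into the userData string and rebuilds the principal from it, rejecting role names that contain the | separator so that one stored value cannot expand into several roles. The class and method names (RoleUserData, Pack, ToPrincipal) and the sample values are assumptions made for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Principal;

// Hypothetical helper (not from the answer): round-trips roles through the
// string that goes into FormsAuthenticationTicket.userData.
public static class RoleUserData
{
    private const char Separator = '|';

    // Serialize roles for userData. A role name containing the separator
    // would split into extra roles when the ticket is read back, so it is
    // rejected here instead of being written into the ticket.
    public static string Pack(params string[] roles)
    {
        foreach (var role in roles)
        {
            if (string.IsNullOrWhiteSpace(role) || role.IndexOf(Separator) >= 0)
                throw new ArgumentException("Invalid role name: '" + role + "'");
        }
        return string.Join(Separator.ToString(), roles);
    }

    // Rebuild the principal from decrypted userData. Null or empty userData
    // (for example a ticket issued by SetAuthCookie) yields no roles.
    public static GenericPrincipal ToPrincipal(IIdentity identity, string userData)
    {
        var roles = (userData ?? string.Empty)
            .Split(new[] { Separator }, StringSplitOptions.RemoveEmptyEntries)
            .Select(r => r.Trim())
            .Distinct(StringComparer.OrdinalIgnoreCase)
            .ToArray();
        return new GenericPrincipal(identity, roles);
    }

    public static void Main()
    {
        // Constructed sample values.
        var identity = new GenericIdentity("alice", "Forms");
        var principal = ToPrincipal(identity, Pack("Editor", "Reports"));
        Console.WriteLine(principal.IsInRole("Editor"));
        Console.WriteLine(principal.IsInRole("Admin"));
        try { Pack("Guest|Admin"); }
        catch (ArgumentException ex) { Console.WriteLine(ex.Message); }
    }
}
```

Roles packed this way are fixed for the lifetime of the ticket, so a role change in the user store takes effect only when a new ticket is issued.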
