FormsAuthentication角色,不成员 [英] FormsAuthentication Roles without Membership
问题描述
我试图使用FormsAuthentication和它的正常工作与在用户名和密码的时刻。我需要用户角色添加到窗体身份验证票,我不使用ASP.NET成员资格。
如果(rep.CheckUser(model.UserName,model.Password,出来的UserRole))//检查用户
{ FormsAuthentication.SetAuthCookie(model.UserName,model.RememberMe); // Roles.AddUserToRole(model.UserName,UserRole的); //这需要会员 返回重定向(FormsAuthentication.DefaultUrl); }
的FormsAuthenticationTicket
构造函数(一个最参数)有用户数据
参数,它需要一个字符串。正是在这里,你可以添加你的角色,有些角色像管道(|)分隔或哈希。你打算如何使用由您决定。你通常会做的是注册的AuthenticateRequest
事件。所以,你可以创建一票,这是:
私人无效CreateTicket()
{
VAR票=新的FormsAuthenticationTicket(
版本:1,
名称:用户名,
issueDate:DateTime.Now,
过期:DateTime.Now.AddSeconds(httpContext.Session.Timeout)
isPersistent:假的,
用户数据:的string.join(|,arrayOfRoles)); VAR的encryptedTicket = FormsAuthentication.Encrypt(票);
VAR饼干=新的HttpCookie(FormsAuthentication.FormsCookieName,encryptedTicket中); httpContext.Response.Cookies.Add(饼干);
}
之后,在的Global.asax
你会做这样的事情:
公共覆盖无效的init()
{
base.AuthenticateRequest + = OnAuthenticateRequest;
}私人无效OnAuthenticateRequest(对象发件人,EventArgs EventArgs的)
{
如果(HttpContext.Current.User.Identity.IsAuthenticated)
{
VAR饼干= HttpContext.Current.Request.Cookies [FormsAuthentication.FormsCookieName]
VAR德codedTicket = FormsAuthentication.Decrypt(cookie.Value);
VAR角色=去codedTicket.UserData.Split(新[] {|},StringSplitOptions.RemoveEmptyEntries); VAR本金=新的GenericPrincipal(HttpContext.Current.User.Identity,角色);
HttpContext.Current.User =本金;
}
}
现在你有角色IPrincipal对象( HttpContext.Current.User
),当您使用 HttpContext.Current.User.IsUserInRole查询( ROLENAME)
你会得到真或假。这样,你应该能够避免使用角色
人员。
更新:更好的事件,以处理重建用户主体是叫 Application_AuthenticateRequest
而不是的BeginRequest
的。我已经更新了code,以反映这一点。
I'm trying to use FormsAuthentication and it's working fine at the moment with user name and password. I need to add User Role to the Forms authentication Ticket and i'm not using ASP.NET Membership.
if (rep.CheckUser(model.UserName, model.Password,out UserRole))//Check User
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
// Roles.AddUserToRole(model.UserName, UserRole);//This Requires Membership
return Redirect(FormsAuthentication.DefaultUrl);
}
FormsAuthenticationTicket
constructor (the one with the most parameters) has userData
parameter which takes a string. It is here that you can add your roles, separated by some character like pipe (|) or hash. How you plan to use is up to you. What you would normally do is to register AuthenticateRequest
event. So, you could create a ticket this was:
private void CreateTicket()
{
var ticket = new FormsAuthenticationTicket(
version: 1,
name: UserName,
issueDate: DateTime.Now,
expiration: DateTime.Now.AddSeconds(httpContext.Session.Timeout),
isPersistent: false,
userData: String.Join("|", arrayOfRoles));
var encryptedTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
httpContext.Response.Cookies.Add(cookie);
}
After that in global.asax
you would do something like this:
public override void Init()
{
base.AuthenticateRequest += OnAuthenticateRequest;
}
private void OnAuthenticateRequest(object sender, EventArgs eventArgs)
{
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
var cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
var decodedTicket = FormsAuthentication.Decrypt(cookie.Value);
var roles = decodedTicket.UserData.Split(new[] {"|"}, StringSplitOptions.RemoveEmptyEntries);
var principal = new GenericPrincipal(HttpContext.Current.User.Identity, roles);
HttpContext.Current.User = principal;
}
}
Now you have roles in IPrincipal object (HttpContext.Current.User
) and when you query with HttpContext.Current.User.IsUserInRole("RoleName")
you will get true or false. That way you should be able to avoid using Roles
provider.
UPDATE: A better event to call in order to handle recreating User principal is Application_AuthenticateRequest
instead of BeginRequest
. I have updated the code to reflect this.
这篇关于FormsAuthentication角色,不成员的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!