在asp.net C＃中使用会话进行用户身份验证 [英] Using session for user authentication in asp.net c#

问题描述

我使用会话来验证用户身份。我在我的项目2个网页。一个是的表单，另外一个是 EntryForm.aspx 键，另外一个是 log.aspx

I am using session to authenticate a user. I have 2 web pages in my project. One is webform and other one is EntryForm.aspx and other one is log.aspx

在log.aspx我做

In log.aspx i have done

protected void Button1_Click(object sender, EventArgs e)
{
        user_login loginu = new user_login();
        String uid_db = loginu.login(this.DropDownList1, this.TextBox1, this.TextBox2, this.Label5);
        if (uid_db == "invalid")
        {
            Label5.Visible = true;
            Label5.Text = "Invalid Login";
        }
        else
        {

            string uname = uid_db.Substring(0, uid_db.IndexOf(",")).Trim();
            string[] tokens = uid_db.Split(',');
            string dbname = tokens[tokens.Length - 1];

            Session["login"] = uname;
            Session["db"] = dbname;
            Response.Redirect("EntryForm.aspx");
       }
}

在类 USER_LOGIN 我是把存储在数据库中的密码并与用户输入的值相匹配的。如果发现值i重定向到EntryForm.aspx。在我检查会话变量如下：

In class user_login I am taking the password stored in the database and matching it with the value entered by user. if it finds a value i redirect it to EntryForm.aspx. In which i check for session variable as follows

protected void Page_Load(object sender, EventArgs e)
    {// CHEK SESSION VARIABLE AND LOAD dropdownlist1 WITH VALUES
        if (!IsPostBack)
        {
            String DB = "";
            String AccountID = "";
            if (Session["login"] != null && Session["db"] != null)
            {
                AccountID = Session["login"].ToString();
                DB = Session["db"].ToString();

                Label9.Text = AccountID;
            }
            else
            {
                Response.Redirect("log.aspx");
            }
            HiddenField1.Value = DB.ToString();
            DropDown a = new DropDown();
            a.filldropdown1(this.DropDownList1, DB);
        }
    }

这是我做了什么DO用户进行身份验证。在服务器上我也做了以下配置：

This is what i have done do authenticate a user. On server i have done the following configuration:

我在的Global.asax 做任何设置，也没有什么是的web.config 。我见过很多论坛，其中的Global.asax 和配置的web.config 。

I have done no settings in Global.asax nor anything is web.config . I have seen many forum wherein Global.asax and web.config is configured.

我想知道我需要什么在我的项目做才能是非常有效的工作。我现在面临的问题与会话超时。我已经将它设置为20分钟，我的服务器上，但有时会突然我得到登出。

I want to know what do i need to do in my project in order to be very efficient to work. I am facing problem with session timeout. I have set it to 20 mins on my server but sometimes suddenly i get logged out.

请帮我使用会话进行身份验证理解。

Please help me to understand using session for authentication.

推荐答案

首先，你必须编辑web.config文件，并设置会话超时属性。

First of all you have to edit web.config and set session timeout attribute.

<configuration>
  <system.web>
     <sessionState timeout="200"></sessionState>
  </system.web>
</configuration>

另一个问题是使用的IsPostBack块。

Another issue is the use of IsPostBack block.

protected void Page_Load(object sender, EventArgs e)
    { 
     if (Session["login"] != null && Session["db"] != null)
      {
         String DB = "";
         String AccountID = "";
         AccountID = Session["login"].ToString();
         DB = Session["db"].ToString();
         Label9.Text = AccountID;
         HiddenField1.Value = DB.ToString();
         DropDown a = new DropDown();
         a.filldropdown1(this.DropDownList1, DB);
       }
     else
     {
         Response.Redirect("log.aspx");
      }
   }

这篇关于在asp.net C＃中使用会话进行用户身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！