ASP.NET Web表单 - 如何鉴别WIF与成员资格提供和角色提供结合 [英] ASP.NET web forms - how to combine WIF authentification with membership provider and role provider
问题描述
我使用Windows身份的基础,在ASP.NET Web窗体形式鉴别在.NET 4.5
我怎样才能结合WIF形式认证方式与我的自定义成员资格提供者,在web.config中定义我的自定义角色提供?
我想使用SQL数据库负载更多的用户信息我自定义的成员提供如电子邮件,生日,头像iamge。
我想用我的自定义角色提供程序来获取SQL数据库的所有角色authentificated用户。
我的鉴别方法进行身份验证(用户名,密码)从为Login.aspx LoginButtonClick名为:
公共静态ClaimsPrincipal进行身份验证(用户名字符串,字符串密码)
{
VAR本金= AuthenticateWindowsUser(用户名,密码);
VAR inputIdentity =(的WindowsIdentity)principal.Identity; VAR outputIdentity =新ClaimsIdentity(inputIdentity.AuthenticationType);
outputIdentity.AddClaim(新索赔(ClaimTypes.Name,inputIdentity.Name));
返回新ClaimsPrincipal(outputIdentity);
} 私有静态WindowsPrincipal AuthenticateWindowsUser(用户名字符串,字符串密码)
{
尝试
{
SecurityToken securityToken =新UserNameSecurityToken(用户名,密码);
VAR处理器= FederatedAuthentication.FederationConfiguration.IdentityConfiguration.SecurityTokenHandlers; //使用默认WindowsUserNameSecurityTokenHandler
返回新WindowsPrincipal((的WindowsIdentity)handlers.ValidateToken(securityToken)[0]);
}
赶上(SecurityTokenValidationException前)
{
ShowException显示(除息);
}
}
假设提供code为你的作品应该是
公共静态ClaimsPrincipal进行身份验证(用户名字符串,字符串密码)
{
VAR本金= AuthenticateWindowsUser(用户名,密码);
VAR inputIdentity =(的WindowsIdentity)principal.Identity; VAR outputIdentity =新ClaimsIdentity(inputIdentity.AuthenticationType);
outputIdentity.AddClaim(新索赔(ClaimTypes.Name,inputIdentity.Name)); //从成员资格提供其他信息
VAR用户= Membership.GetUser(用户名));
outputIdentity.AddClaim(新索赔(ClaimTypes.Email,user.Email));
... //从角色提供角色
的foreach(在Roles.GetRolesForUser字符串的作用(用户名))
outputIdentity.AddClaim(新索赔(ClaimTypes.Role,角色)); 返回新ClaimsPrincipal(outputIdentity);
}
I'm using windows identity foundation with form authentification in ASP.NET Web Forms in .NET 4.5 How can I combine WIF form authentification with my custom membership provider and my custom role provider defined in web.config?
I want to use my custom membership provider for load additional user info from SQL DB such as email, birthday, avatar iamge. I want to use my custom role provider to obtain all roles from SQL DB for authentificated user.
My authentification method Authenticate(userName, password) is called from Login.aspx LoginButtonClick:
public static ClaimsPrincipal Authenticate(string userName, string password)
{
var principal = AuthenticateWindowsUser(userName, password);
var inputIdentity = (WindowsIdentity)principal.Identity;
var outputIdentity = new ClaimsIdentity(inputIdentity.AuthenticationType);
outputIdentity.AddClaim(new Claim(ClaimTypes.Name, inputIdentity.Name));
return new ClaimsPrincipal(outputIdentity);
}
private static WindowsPrincipal AuthenticateWindowsUser(string userName, string password)
{
try
{
SecurityToken securityToken = new UserNameSecurityToken(userName, password);
var handlers = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.SecurityTokenHandlers;
//Uses default WindowsUserNameSecurityTokenHandler
return new WindowsPrincipal((WindowsIdentity)handlers.ValidateToken(securityToken)[0]);
}
catch (SecurityTokenValidationException ex)
{
ShowException(ex);
}
}
Assuming that the provided code works for you it should be
public static ClaimsPrincipal Authenticate(string userName, string password)
{
var principal = AuthenticateWindowsUser(userName, password);
var inputIdentity = (WindowsIdentity)principal.Identity;
var outputIdentity = new ClaimsIdentity(inputIdentity.AuthenticationType);
outputIdentity.AddClaim(new Claim(ClaimTypes.Name, inputIdentity.Name));
// other information from the membership provider
var user = Membership.GetUser( userName ) );
outputIdentity.AddClaim( new Claim( ClaimTypes.Email, user.Email ) );
...
// roles from role provider
foreach ( string role in Roles.GetRolesForUser( userName ) )
outputIdentity.AddClaim( new Claim( ClaimTypes.Role, role ) );
return new ClaimsPrincipal(outputIdentity);
}
这篇关于ASP.NET Web表单 - 如何鉴别WIF与成员资格提供和角色提供结合的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!