质量中心认证的顶级ASP.net自定义成员资格 [英] ASP.net Custom membership on top of quality center authorization

问题描述

我是比较新的授权/会员在asp.net中，所以请原谅我问做傻事。我一直在寻找大量的例子，.NET实现自定义的成员提供程序（在计算器，$ C $的CProject，devX和www.asp.net），并基于codeD，但不知何故无法得到它加工。搜索结果
我的要求 - 我们组织大量使用惠普质量中心（QC），我开发一个asp.net应用，其登录页面将采用QC'a API验证用户。我也有我将存储谁已经注册到我的应用程序的用户QC SQL数据库（只储存QC用户ID在DB，没有密码，就像我说的，密码验证是使用QC API来完成）。将有我的数据库定义角色的注册用户用户角色表。搜索结果
为什么使用而不是一些简单的窗体身份验证''会员' - 因为也许将来我想分离QC认证结果。
所以，这个我开始第一步 - 开发自定义的类成员（名为AutoCenterMembershipProvider）和登录页面。我只需要ValidateUser方法。以下是我带开始与方法：结果
1.要求使用者QC用户ID /密码，用户点击身份验证按钮结果
2.登录页面的code幕后'Authenticate'按钮的onClick检查于方法，如果用户在SQL数据库中找到，如果找到，则使用QC API来验证用户ID，密码结果
3.第二组的登录页面上的控件启用 - 让用户选择哪个QC域和项目用户想要登录。使用QC API认证用户后，也获得了域名和项目下拉列表选项。用户选择这些并点击登录按钮结果
4.在登录按钮的点击 - 呼叫Membership.ValidateUser（objQCSession.UserName，objQCSession.Password）。由于用户使用QC API已经验证，为简单起见，我只是从我的Membership.ValidateUser的自定义实现返回真。然后，我打电话 - FormsAuthentication.RedirectFromLoginPage（obj_ACUser.QCSession.UserName，真）直接用户在web.config中的provieded应用程序默认页面 - app_FAs.aspx。

问题是 - 用户被重定向到app_FAs.aspx页面后，它引导用户返回到登录页面。我试图找出错误或缺少的部分。

Web.config文件看起来像如下：

 ＆LT;身份验证模式=表格＆GT;
  ＆LT;形式loginUrl =〜\\网页\\的Login.aspxdefaultUrl =App_FAs.aspx＆GT;＆LT; /形式GT;
＆LT; /认证＆GT;
＆LT;授权＆GT;
  ＆LT;拒绝用户= /＆gt的帮助？
＆LT; /授权＆GT;
＆LT;会员defaultProvider =AutoCenterMembershipProvider＆GT;
  ＆LT;供应商＆GT;
    ＆LT;清/＆GT;
    ＆LT;添加名称=AutoCenterMembershipProvider
         类型=CustomMembership.Models.AutoCenterMembershipProvider
         enablePasswordRetrieval =假enablePasswordReset设置=假
         requiresQuestionAndAnswer =假requiresUniqueEmail =假
         maxInvalidPasswordAttempts =100minRequiredPasswordLength =100
         minRequiredNonalphanumericCharacters =0
         passwordAttemptWindow =100的applicationName =//＆GT;
  ＆LT; /供应商＆GT;
＆LT; /会员＆GT;
 

和customMembership类是这样的：

 公共类AutoCenterMembershipProvider
    继承System.Web.Security.MembershipProvider    公共覆盖功能的ValidateUser（BYVAL用户名作为字符串，BYVAL密码作为字符串）作为布尔
        返回TRUE
    结束功能
 

剩下的所有成员都不执行

任何帮助，指针失落的一角，错误是大大AP preciated，在此先感谢

验证按钮点击code

 私人小组btn_Authenticate_Click（BYVAL发件人为对象，BYVAL E上System.Web.UI.ImageClickEventArgs）处理btn_Authenticate.click
   objQCSession =会议（QCUserSession）
   如果Membership.ValidateUser（objQCSession.UserName，objQCSession.Password），那么
     FormaAuthentication.RedirectFromLoginPage（objQCSession.UserName，真）
   万一
结束小组
 

解决方案

Currenlty，第2步 - btn_Authenticate_Click 方法1 - 仅仅是分配 FormAuthenticationTicket 来的cookie，并重定向用户 app_FAs.aspx 页。它并不真正需要自定义成员资格提供程序的功能。

如果我正确地理解你的问题，我会改变的逻辑是这样的。

1）验证用户的QC后，创建 FormAuthenticationTicket 这样在相同的方法。

  FormsAuthentication.SetAuthCookie（用户名，真|假）;
 

2） btn_Authenticate_Click （做一些事情和）重定向用户 app_FAs.aspx

您甚至不需要定义成员资格提供。如果你想使用自定义成员资格提供程序，您可以在第1步（而不是在第2步）来实现。

I am relatively new to authorization/memberships in asp.net, so pls excuse if I ask anything silly. I have been looking at lot of examples to implement a custom membership provider in .net (in stackoverflow, codeproject, devX, and www.asp.net) and coded based on that but somehow couldn't get it working.

My requirement - our organization heavily uses HP's Quality center(QC), I am developing an asp.net application, its login page will use QC'a API for authenticating a user. I also have a SQL database in which I'll store the QC users who have registered to my application (just store QC user id's in DB, not password, like I said, password authentication is done using QC API). There will be a user-roles table in my DB to define the roles for registered users.

Why use 'membership' instead of some simple 'forms authentication' - because maybe in future I want to decouple QC authentication.
So, with this I started with first step - developing custom membership class(named AutoCenterMembershipProvider) and login page. I only need validateuser method. following is the approach I took to start with:
1. Ask user for QC user id/password, user clicks 'Authenticate' button
2. login page's code behind-'Authenticate' button's onClick method- checks if user is found in SQL database and if found, then uses QC API to authenticate user id-password
3. Second set of controls on Login page is enabled - ask user to select which QC Domain and Project user wants to login. Options for Domain and Project dropdown lists are also obtained using QC API after authenticating user. User selects those and clicks Login button
4. On Login button's click - call Membership.ValidateUser(objQCSession.UserName, objQCSession.Password). Since user is already validated using QC api, for simplicity I just return 'true' from my custom implementation of Membership.ValidateUser. Then I call - FormsAuthentication.RedirectFromLoginPage(obj_ACUser.QCSession.UserName, True) to direct user to apps default page provieded in web.config's - app_FAs.aspx.

The issue is - after user is redirected to app_FAs.aspx page, it directs user back to login page. I am trying to find out the mistake or missing piece.

Web.config looks like below:

<authentication mode="Forms">
  <forms loginUrl="~\Pages\Login.aspx" defaultUrl="App_FAs.aspx"></forms>
</authentication>
<authorization>
  <deny users="?"/>
</authorization>
<membership defaultProvider="AutoCenterMembershipProvider">
  <providers>
    <clear/>
    <add name="AutoCenterMembershipProvider" 
         type="CustomMembership.Models.AutoCenterMembershipProvider"
         enablePasswordRetrieval="false"   enablePasswordReset="false" 
         requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
         maxInvalidPasswordAttempts="100"  minRequiredPasswordLength="100"
         minRequiredNonalphanumericCharacters="0" 
         passwordAttemptWindow="100"   applicationName="/" />
  </providers>
</membership>

and customMembership class is like:

Public Class AutoCenterMembershipProvider
    Inherits System.Web.Security.MembershipProvider

    Public Overrides Function ValidateUser(ByVal username As String, ByVal password As String) As Boolean
        Return True
    End Function

rest all members are 'Not implemented'

any help, pointers to missing piece, mistake is greatly appreciated, thanks in advance

Authenticate button click code

Private Sub btn_Authenticate_Click(ByVal sender as Object, ByVal e As   System.Web.UI.ImageClickEventArgs) Handles btn_Authenticate.click
   objQCSession = Session("QCUserSession")
   If Membership.ValidateUser(objQCSession.UserName, objQCSession.Password) then
     FormaAuthentication.RedirectFromLoginPage(objQCSession.UserName, True)
   End if
End Sub

解决方案

Currenlty, 2nd step - btn_Authenticate_Click method 1 - is just to assign FormAuthenticationTicket to cookie, and redirecting user to app_FAs.aspx page. It doesn't really need Custom Membership Provider's features.

If I understand your problem correctly, I would change the logic like this.

1) After validating user for QC, create FormAuthenticationTicket like this in the same method.

FormsAuthentication.SetAuthCookie("UserName", true|false);

2) btn_Authenticate_Click (does something and) redirects user to app_FAs.aspx

You do not even need Custom Membership Provider. If you want to use Custom Membership Provider, you can implement in 1st step (Not in 2nd step).

这篇关于质量中心认证的顶级ASP.net自定义成员资格的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！