设置HttpContext.Current.User从Thread.CurrentPrincipal中 [英] Set HttpContext.Current.User from Thread.CurrentPrincipal
问题描述
我在我的应用程序,适用于Windows和网络工程安全管理器,这个过程很简单,只需要在用户和PWD并验证他们对数据库然后设置与Thread.CurrentPrincipal中的自定义主体。对于Windows应用程序能正常工作,但我有一个Web应用程序的问题。
I have a security manager in my application that works for both windows and web, the process is simple, just takes the user and pwd and authenticates them against a database then sets the Thread.CurrentPrincipal with a custom principal. For windows applications this works fine, but I have problems with web applications.
认证过程后,当我试图在Current.User设置为自定义主要从这个Thread.CurrentPrincipal中最后一个含有的GenericPrincipal。难道我做错了什么?这是我的代码:
After the process of authentication, when I'm trying to set the Current.User to the custom principal from Thread.CurrentPrincipal this last one contains a GenericPrincipal. Am I doing something wrong? This is my code:
的Login.aspx
Login.aspx
protected void btnAuthenticate_Click(object sender, EventArgs e)
{
SecurityManager.Authenticate("user","pwd"); // This is where I set the custom principal in Thread.CurrentPrincipal
FormsAuthenticationTicket authenticationTicket = new FormsAuthenticationTicket(1,
"user",
DateTime.Now,
DateTime.Now.AddMinutes(30),
false,
"");
string ticket = FormsAuthentication.Encrypt(authenticationTicket);
HttpCookie authenticationCookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticket);
Response.Cookies.Add(authenticationCookie);
Response.Redirect(FormsAuthentication.GetRedirectUrl("user", false));
}
Global.asax中(这是问题出现的位置)
Global.asax (This is where the problem appears)
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie == null)
return;
if (HttpContext.Current.User != null && HttpContext.Current.User.Identity.IsAuthenticated && HttpContext.Current.User.Identity is FormsIdentity)
{
HttpContext.Current.User = System.Threading.Thread.CurrentPrincipal; //Here the value is GenericPrincipal
}
感谢。
Thanks in advance for any help.
推荐答案
首先:你需要设置在每次请求委托人
First of all: You need to set the principal on every request.
窗体身份验证使用它在每个请求校长自己的任务。这就是为什么你看到的的GenericPrincipal
Forms authentication uses it's own assignment of the principal on each request. That's why you are seeing the GenericPrincipal
我通常重新分配在OnPostAuthenticate我的自定义prinicpal当标准认证机制做
I usually reassign my custom prinicpal in OnPostAuthenticate when the standard authentication mechanism is done.
这篇关于设置HttpContext.Current.User从Thread.CurrentPrincipal中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!