如何获取asp.net登录控件自动验证以前验证的用户? [英] How to get the asp.net login control to auto authenticate a previously authenticated user?

查看:197
本文介绍了如何获取asp.net登录控件自动验证以前验证的用户?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我尝试设置登录控制以记住先前已成功输入用户名和密码的用户的登录凭据。我设置记住我属性为true,但它似乎没有triger任何事件,我可以读取cookie和自动登录用户。

I am trying to to set up the login control to remember the login credentials of a user who has previously entered their user name and password successfully. I set the remember me property to true, but it doesnt seem to triger any events where I could read the cookie and auto login the user.

有没有一个简单的机制来完成这项工作?

Is there a straightforward mechanism to accomplish this?

推荐答案

需要Google ASP.NET 2.0中的表单身份验证

您需要设置您的应用程序(通过web.config),也可能需要更改IIS设置。虽然这很简单,但有很多设置可以使用,所以最好阅读一些文章。 ScottGu有一个
博客条目,有很多很好的细节。

You will need to set up your application (via web.config) and may also need to alter IIS settings. While it's all quite straightforward, there are heaps of settings that can be used, so best is to read some of the articles. ScottGu has a blog entry that goes into a lot of good detail.

还有很多好的视频在< a href =http://www.asp.net/learn/ =nofollow noreferrer> www.asp.net 包括这些安全教程

There are also many good video's at www.asp.net including these Security Tutorials

请尝试如何:创建ASP.NET登录页面演练:使用成员资格和用户登录创建网站。如果我记得,您仍然必须自己进行身份验证,除非您使用Sql Server成员资格提供程序。在这种情况下,您仍然需要设置数据库和web.config。

try How to: Create an ASP.NET Login Page and Walkthrough: Creating a Web Site with Membership and User Login. If I recall, you still have to do the authentication yourself unless you use the Sql Server Membership provider. In that case you still have to set up the database and web.config.

基本上,配置正确,你有一个登录页面。在该登录页面中,您告知表单身份验证,以便您 对其进行身份验证:

Essentially, once you've set up configuration properly, you have a login page. In that login page you tell Forms Authentication to create the authentication ticket for you once you authenticate them:

if (VerifyUser(name, password) ) // this is not a framework method
    FormsAuthentication.RedirectFromLoginPage(
        userName, false); // no persistent cookie

如果要读取身份验证票据数据(从其他任何地方) / p>

If you want to read the authentication ticket data (from anywhere else).

// output just writes to a StringBuilder 'sb' 
output(sb, "Identity.AuthenticationType", Page.User.Identity.AuthenticationType);

FormsIdentity fi = Page.User.Identity as FormsIdentity;
if (fi == null)
{
    output(sb, "Identity Type", Page.User.Identity.ToString());
    return;
}

output(sb, "FormsIdentity.Ticket.IssueDate", fi.Ticket.IssueDate);
output(sb, "FormsIdentity.Ticket.Expiration", fi.Ticket.Expiration);
output(sb, "FormsIdentity.Ticket.Name", fi.Ticket.Name);
output(sb, "FormsIdentity.Ticket.CookiePath", fi.Ticket.CookiePath);
output(sb, "FormsIdentity.Ticket.UserData", fi.Ticket.UserData);
output(sb, "FormsIdentity.Ticket.Version", fi.Ticket.Version);
output(sb, "FormsIdentity.Ticket.IsPersistent", fi.Ticket.IsPersistent);

关键是,一旦验证,asp.net只会将用户重定向到登录页面,如果认证票证已过期,并且用户处于受保护的页面上。 Asp.net不会一直要求您不必要地验证用户。

The point is, once authenticated, asp.net will only redirect the user to the login page if the authentication ticket has expired and the user is on a protected page. Asp.net doesn't keep asking you to authenticate the user unnecessarily.

这篇关于如何获取asp.net登录控件自动验证以前验证的用户?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆