1. 首页
  2. PHP教程
  3. asp.net身份验证和授权

asp.net身份验证和授权

今天闲着无聊.想起来了ASP.NET身份验证.感觉良好.贴出下列代码:

  login.aspx HTML代码

1<%@ Page language="c#" Codebehind="02Login.aspx.cs" AutoEventWireup="false" Inherits="身份验证._02Login" %>
2<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
3<HTML>
4  <HEAD>
5    <title>02Login</title>
6    <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
7    <meta name="CODE_LANGUAGE" Content="C#">
8    <meta name="vs_defaultClientScript" content="JavaScript">
9    <meta name="vs_targetSchema" content="http://schemas.microsoft.com/intellisense/ie5">
10  </HEAD>
11  <body MS_POSITIONING="GridLayout">
12    <form id="Form1" method="post" runat="server">
13      <FONT face="宋体">
14        <TABLE id="Table1" style="Z-INDEX: 102; LEFT: 152px; WIDTH: 446px; POSITION: absolute; TOP: 80px; HEIGHT: 72px"
15          cellSpacing="1" cellPadding="1" width="446" border="1">
16          <TR>
17            <TD>
18              <asp:label id="Label1" runat="server">用户名称:</asp:label></TD>
19            <TD>
20              <asp:textbox id="tbName" runat="server" Width="183px"></asp:textbox></TD>
21            <TD>
22              <asp:requiredfieldvalidator id="RequiredFieldValidator1" runat="server" ErrorMessage="用户名不能为空!" ControlToValidate="tbName"></asp:requiredfieldvalidator></TD>
23          </TR>
24          <TR>
25            <TD>
26              <asp:label id="Label2" runat="server">密码:</asp:label></TD>
27            <TD>
28              <asp:textbox id="tbPass" runat="server" Width="183px"></asp:textbox></TD>
29            <TD>
30              <asp:requiredfieldvalidator id="RequiredFieldValidator2" runat="server" ErrorMessage="密码不能为空!" ControlToValidate="tbPass"></asp:requiredfieldvalidator></TD>
31          </TR>
32          <TR>
33            <TD><FONT face="宋体">是否保存Cookie</FONT></TD>
34            <TD>
35              <asp:checkbox id="PersistCookie" runat="server"></asp:checkbox></TD>
36            <TD></TD>
37          </TR>
38        </TABLE>
39        <asp:button id="btnLoginBetter" style="Z-INDEX: 101; LEFT: 288px; POSITION: absolute; TOP: 240px"
40          runat="server" Width="78px" Text="登录"></asp:button>
41        <asp:HyperLink id="HyperLink1" style="Z-INDEX: 103; LEFT: 456px; POSITION: absolute; TOP: 240px"
42          runat="server" NavigateUrl="Default.aspx">HyperLink</asp:HyperLink></FONT>
43    </form>
44  </body>
45</HTML>
 login.aspx.cs代码如下

private void btnLoginBetter_Click(object sender, System.EventArgs e)
 {
  if (this.tbName.Text == "admin" && this.tbPass.Text == "admin")
  {
  FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,this.tbName.Text,DateTime.Now,DateTime.Now.AddMinutes(30),this.PersistCookie.Checked,"User");//创建一个验证票据
  string cookieStr = FormsAuthentication.Encrypt(ticket);进行加密
  HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName,cookieStr);创建一个cookie,cookie名为web.config设置的名,值为加密后的数据cookieStr,
  if (this.PersistCookie.Checked)//判断用户是否选中保存cookie
   cookie.Expires = ticket.Expiration;//获取cookie过期时间
  cookie.Path = FormsAuthentication.FormsCookiePath;//设置cookie保存路径
  Response.Cookies.Add(cookie);
  string strRedirect;
  strRedirect = Request["ReturnUrl"];//取出返回url
  if (strRedirect == null)
   strRedirect = "Default.aspx";
  Response.Redirect(strRedirect,true);
  
  }
  else
  {
  Response.Write("<script>alert('帐号或密码错误!');self.location.href='02login.aspx'</script>");
  }
 }

  Default.aspx HTML代码

  <
body MS_POSITIONING="GridLayout">
    <form id="Form1" method="post" runat="server">
      <FONT face="宋体">
        <asp:Label id="Label1" style="Z-INDEX: 106; LEFT: 224px; POSITION: absolute; TOP: 72px" runat="server">用户名称:</asp:Label>
        <asp:Label id="Label2" style="Z-INDEX: 102; LEFT: 220px; POSITION: absolute; TOP: 136px" runat="server">身份:</asp:Label>
        <asp:Label id="lbUser" style="Z-INDEX: 103; LEFT: 350px; POSITION: absolute; TOP: 79px" runat="server"></asp:Label>
        <asp:Label id="lbSf" style="Z-INDEX: 104; LEFT: 355px; POSITION: absolute; TOP: 133px" runat="server"></asp:Label>
        <asp:Button id="btnLogout" style="Z-INDEX: 105; LEFT: 261px; POSITION: absolute; TOP: 192px"
          runat="server" Text="注销" Width="101px"></asp:Button></FONT>
    </form>
  </body>
后置代码
private void Page_Load(object sender, System.EventArgs e)
 {
  this.lbUser.Text = User.Identity.Name;
  if (User.IsInRole("Admin"))
  this.lbSf.Text = "Admin";
  else
  this.lbSf.Text = "User";
 }
  
 Web 窗体设计器生成的代码#region Web 窗体设计器生成的代码
 override protected void OnInit(EventArgs e)
 {
  //
  // CODEGEN: 该调用是 ASP.NET Web 窗体设计器所必需的。
  //
  InitializeComponent();
  base.OnInit(e);
 }
 /**//// <summary>
 /// 设计器支持所需的方法 - 不要使用代码编辑器修改
 /// 此方法的内容。
 /// </summary>
 private void InitializeComponent()
 {  
  this.btnLogout.Click += new System.EventHandler(this.btnLogout_Click);
  this.Load += new System.EventHandler(this.Page_Load);
  
 }
 #endregion
  
 private void btnLogout_Click(object sender, System.EventArgs e)
 {
  FormsAuthentication.SignOut();//注销票
  Response.Redirect("login.aspx",true);返回login.aspx页面
 }

  webconfig配置如下

  <authentication mode="Forms" >
 <forms name=".SecurityDemo" loginUrl="login.aspx">//.SecurityDemo为cookie名,
 </forms>
  </authentication>
  
<authorization>
      <deny users="?"/> //拒绝所有匿名用户
      <allow roles="admins"/>//允许管理级别用户访问
  </authorization>


  自我感觉ASP写多了,一般是用session进行判断用户是否合法,但在一个ASP.NET项目中使用身份验证,基本上所有页面都要验证才能访问,感觉有点迁强.但可以在web.config页面对指定的页面设置权限,设置代码如下

 <location path="admin.aspx">
  <system.web>
   <authorization>
    <deny users="?" />
   </authorization>
  </system.web>
 </location>
如果只有几个页面设置如上代码,感觉还可以接受.但页面多了岂不是要把人累死呀..

  可能是小的项目做多了,大项目没接触过.请高手给指点具体用途呀.不甚感激

本文作者:
« 
» 
PHP教程
PHP简介 PHP基本语法 PHP类型 PHP变量 PHP运算符 PHP控制结构 PHP函数 PHP类与对象 PHP异常处理 函数库分类
快速导航
PHP MySQL HTML CSS JavaScript MSSQL AJAX .NET JSP Linux Mac ASP 服务器 SQL jQuery C# C++ java Android IOS oracle MongoDB SQLite wamp 交通频道
Copyright © 2016 phpStudy | 豫ICP备2021030365号-3