Role-based form verification
SRC: http://www.cnblogs.com/caca/archive/2004/07/26/27267.aspx
Requirements: using System.Web.Security; using System.Security.Principal;
[Principal]: Main (How to translate here ??) ====================================
Directory structure:
admin1
  - default.aspx
  - web.config    // web.config #1
admin2
  - default.aspx
  - web.config    // web.config #2
bin
- web.config      // web.config #root
- login.aspx
========================== Purpose: admin1 folder: only users in the administrator role may access it. admin2 folder: only users in the Controler role may access it.
Accounts, passwords, and roles are stored in a specific database.
In this example (other truth): CACA is an administrator and WAWA is a Controler, so CACA can access admin1 but cannot access admin2; for WAWA it is the reverse.
========================== Configuration: (1) Web.config # root
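<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.web>
    <!--
      Forms authentication for the whole application.
      protection="All" makes ASP.NET both encrypt and validate the ticket
      cookie. That matters here because the ticket's UserData carries the
      user's role: without validation a client could edit its own role.
      Login.aspx builds its own ticket with a 40-minute lifetime; keep that
      value in step with timeout below.
      On a site served over HTTPS, also set requireSSL="true" so the ticket
      cookie is never sent over plain HTTP.
    -->
    <authentication mode="Forms">
      <forms name="AuthenticationCookie"
             loginUrl="Login.aspx"
             protection="All"
             path="/"
             timeout="40" />
    </authentication>
  </system.web>
</configuration>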
(2) Web.config # 1
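<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.web>
    <!--
      admin1 folder: only the "administrator" role gets in.
      Rules are evaluated top-down and the first match wins, so the allow
      rule must stay above the catch-all deny. The role test only works
      because Global.asax attaches a principal carrying the roles read
      from the authentication ticket.
    -->
    <authorization>
      <allow roles="administrator" />
      <deny users="*" />
    </authorization>
  </system.web>
</configuration>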
(3) Web.config # 2
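<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.web>
    <!--
      admin2 folder: only the "Controler" role gets in.
      The role name must match the string that login.aspx writes into the
      ticket's UserData. Keep the allow rule above the catch-all deny:
      rules are evaluated top-down and the first match wins.
    -->
    <authorization>
      <allow roles="Controler" />
      <deny users="*" />
    </authorization>
  </system.web>
</configuration>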
=========================== Key code: (1) login.aspx
<script language="C#" runat="server">
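// Click handler for the Login button: issues a forms-authentication ticket
// whose UserData field carries the user's role, then returns the browser to
// the page it originally asked for.
//
// NOTE(review): this demo maps a user NAME straight to a role and never
// checks a password, so anyone who types "CACA" becomes an administrator and
// every other name still receives a valid "Guest" ticket. Real code must
// verify the credentials against the account store (the database the article
// mentions) and issue a ticket only after that check succeeds.
private void Signin(Object sender, EventArgs e)
{
    string aRole = "Guest";
    if (tbName.Text == "CACA")
    {
        aRole = "administrator";
    }
    if (tbName.Text == "WAWA")
    {
        aRole = "Controler";
    }

    // Build the role-carrying authentication ticket. It ends up in a cookie.
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
        1,                            // ticket version
        tbName.Text,                  // user name stored in the ticket
        DateTime.Now,                 // issue time
        DateTime.Now.AddMinutes(40),  // expiry; mirrors timeout="40" in the root Web.config
        false,                        // not persistent (session cookie)
        aRole);                       // UserData: the role read back in Global.asax

    // Encrypt the ticket. With protection="All" in Web.config the value is
    // also integrity-protected, which is what stops a client from rewriting
    // its own role.
    string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

    HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
    // Harden the cookie: keep it away from page script, scope it to the
    // configured path, and restrict it to HTTPS when the forms configuration
    // demands SSL. (HttpOnly needs .NET Framework 2.0 or later.)
    authCookie.HttpOnly = true;
    authCookie.Path = FormsAuthentication.FormsCookiePath;
    authCookie.Secure = FormsAuthentication.RequireSSL;
    Response.Cookies.Add(authCookie);

    // Send the user back to the URL that triggered the login.
    Response.Redirect(FormsAuthentication.GetRedirectUrl(tbName.Text, false));
}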
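// Click handler for the SignOut button: removes the forms-authentication
// ticket cookie from the browser.
//
// NOTE(review): SignOut only expires the cookie on the client. The ticket is
// not revoked on the server, so a copy captured earlier stays usable until
// its own expiry time; keep ticket lifetimes short and serve the site over
// HTTPS.
private void Signout(Object sender, EventArgs e)
{
    FormsAuthentication.SignOut();
}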
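</script>
<html>
<head>
    <title>Login</title>
</head>
<body>
    <form runat="server">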
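Name: <asp:TextBox runat="server" id="tbName" /> [CACA / WAWA]
<%-- The control tag names were lost in the source listing; TextBox and Button are reconstructed from the attributes that survived. --%>
<asp:Button runat="server" text="Login" onclick="Signin" />
<asp:Button runat="server" text="SignOut" onclick="Signout" />
<asp:Label runat="server" id="lblMessage" />
</form>
</body>
</html>

(2) Global.asax

<%@ Import Namespace="System.Security.Principal" %>
<%@ Import Namespace="System.Security" %>
<script language="C#" runat="server">
// Runs on every request. Rebuilds the user's principal, including roles,
// from the forms-authentication cookie so that the <authorization> rules in
// the per-folder Web.config files can test role membership.
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    // Extract the forms authentication cookie (it holds the encrypted ticket).
    string cookieName = FormsAuthentication.FormsCookieName;
    HttpCookie authCookie = Context.Request.Cookies[cookieName];
    if (null == authCookie)
    {
        // There is no authentication cookie: the request stays anonymous.
        return;
    }

    FormsAuthenticationTicket authTicket = null;
    try
    {
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (Exception)
    {
        // A cookie that fails to decrypt or validate is treated as "not
        // logged in". Log exception details here (omitted for simplicity):
        // repeated failures can indicate cookie tampering.
        return;
    }

    if (null == authTicket || authTicket.Expired)
    {
        // The cookie failed to decrypt, or the ticket is past its expiry
        // time. Decrypt does not reject an expired ticket by itself, so it
        // is checked here before any roles are trusted.
        return;
    }

    // When the ticket was created, the UserData property was assigned a
    // pipe-delimited string of role names. These roles are only trustworthy
    // because the ticket is encrypted and validated (protection="All").
    string[] roles = authTicket.UserData.Split(new char[] { '|' });

    // Create an Identity object.
    FormsIdentity id = new FormsIdentity(authTicket);

    // This principal will flow throughout the request.
    GenericPrincipal principal = new GenericPrincipal(id, roles);

    // Attach the new principal object to the current HttpContext object.
    Context.User = principal;

    // (Author's note: I have not fully understood these last statements yet;
    // I hope to understand the verification process in depth.)
}
</script>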