MVC4-通过http POST和FormsAuthentication进行Android身份验证
[英]MVC4 - Android authentication via http POST and FormsAuthentication
问题描述
I know there are plenty of resources like this on the web, and the closest I've come was the answer to this question: ASP.NET Web API Authentication . 
我知道网络上有很多这样的资源,而我最近找到的就是这个问题的答案: ASP.NET Web API Authentication 。
Basically, this is my requirement. 基本上,这是我的要求。 Log in via android to my account on an MVC4 internet application I created (which uses SimpleMembership). 通过android登录到我创建的MVC4 Internet应用程序(使用SimpleMembership)上的帐户。 It is NOT an MVC Web Api app, which seems to confuse things when looking at the various ways of achieving this. 它不是MVC Web Api应用程序,在查看实现此目标的各种方法时似乎会使事情感到困惑。
I am attempting to use FormsAuthentication to set an authentication cookie, but I have no idea how to configure my android httpclient to actually send through this authentication cookie, or how to get MVC to save a session from my android app. 我正在尝试使用FormsAuthentication设置身份验证cookie,但我不知道如何配置我的android httpclient实际通过此身份验证cookie发送,或者如何获取MVC从我的android应用程序保存会话。
So far, this is what I've come up with on the MVC side: 到目前为止,这是我在MVC方面提出的:
[HttpPost]
[AllowAnonymous]
public bool LoginMobi(LoginModel model)
{
var membership = (SimpleMembershipProvider)Membership.Provider;
if (membership.ValidateUser(model.UserName, model.Password))
{
FormsAuthentication.SetAuthCookie(model.UserName, false);
return true;
}
else return false;
}
And I use the following java in my android app (sent over an SSL connection): 我在Android应用中使用以下Java(通过SSL连接发送):
DefaultHttpClient httpclient = new DefaultHttpClient();
HttpPost httppost = new HttpPost("https://mysite/api/login");
List<NameValuePair> nameValue = new ArrayList<NameValuePair>();
nameValue.add(new BasicNameValuePair("UserName", "foo"));
nameValue.add(new BasicNameValuePair("Password", "bar"));
httppost.setEntity(new UrlEncodedFormEntity(nameValue));
httppost.setHeader("Content-type", "application/json");
HttpResponse response = httpclient.execute(httppost);
// etc etc
What I haven't figured out is how to receive the authentication cookie on android and send it back with each request to controllers with the [Authorize] attribute. 我还没弄清楚的是如何在android上接收身份验证cookie并将其与每个请求一起发回给具有[Authorize]属性的控制器。 I'm rather new to this so please forgive my ignorance! 我对此很陌生,所以请原谅我的无知!
1 个解决方案
解决方案1
0 2014-10-12 08:05:30
You are using FormsAuthentication which uses cookie to identify user for each request. 您正在使用FormsAuthentication,它使用cookie来标识每个请求的用户。 You have two options here. 您在这里有两个选择。
Use CookieStore for HttpClient.
将CookieStore用于HttpClient。 Check Android HttpClient and Cookies 检查Android HttpClient和Cookies OR
要么 Combine BASIC auth and FormsAuthentication.
结合使用BASIC身份验证和FormsAuthentication。 Check Combining Forms Authentication and Basic Authentication 检查组合表格身份验证和基本身份验证
Hope this helps. 希望这可以帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.