如何让asp.net登录控件自动验证以前认证的用户?
[英]How to get the asp.net login control to auto authenticate a previously authenticated user?
问题描述
I am trying to to set up the login control to remember the login credentials of a user who has previously entered their user name and password successfully. 
我正在尝试设置登录控件以记住之前已成功输入用户名和密码的用户的登录凭据。 I set the remember me property to true, but it doesnt seem to triger any events where I could read the cookie and auto login the user. 我将remember me属性设置为true,但它似乎没有任何可以读取cookie并自动登录用户的事件。
Is there a straightforward mechanism to accomplish this? 是否有直接的机制来实现这一目标?
1 个解决方案
解决方案1
5 已采纳 2008-10-03 01:36:27
You need to Google for Forms Authentication in ASP.NET 2.0 您需要在ASP.NET 2.0中使用 Google进行表单身份验证
You will need to set up your application (via web.config) and may also need to alter IIS settings. 您需要设置应用程序(通过web.config),还可能需要更改IIS设置。 While it's all quite straightforward, there are heaps of settings that can be used, so best is to read some of the articles. 虽然它很简单,但可以使用大量设置,所以最好阅读一些文章。 ScottGu has a blog entry that goes into a lot of good detail. ScottGu有一篇博客文章 ,详细介绍了很多细节。
There are also many good video's at www.asp.net including these Security Tutorials www.asp.net上还有很多很好的视频,包括这些安全教程
try How to: Create an ASP.NET Login Page and Walkthrough: Creating a Web Site with Membership and User Login . 尝试如何:创建ASP.NET登录页面和演练:创建具有成员身份和用户登录的网站 。 If I recall, you still have to do the authentication yourself unless you use the Sql Server Membership provider. 如果我记得,除非您使用Sql Server Membership提供程序,否则您仍需要自己进行身份验证。 In that case you still have to set up the database and web.config. 在这种情况下,您仍然需要设置数据库和web.config。
Essentially, once you've set up configuration properly, you have a login page. 基本上,一旦你正确设置了配置,你就有了一个登录页面。 In that login page you tell Forms Authentication to create the authentication ticket for you once you authenticate them: 在登录页面告诉窗体身份验证创建身份验证票给你,一旦你验证他们的身份:
if (VerifyUser(name, password) ) // this is not a framework method
FormsAuthentication.RedirectFromLoginPage(
userName, false); // no persistent cookie
If you want to read the authentication ticket data (from anywhere else). 如果要读取身份验证票证数据(来自其他任何位置)。
// output just writes to a StringBuilder 'sb'
output(sb, "Identity.AuthenticationType", Page.User.Identity.AuthenticationType);
FormsIdentity fi = Page.User.Identity as FormsIdentity;
if (fi == null)
{
output(sb, "Identity Type", Page.User.Identity.ToString());
return;
}
output(sb, "FormsIdentity.Ticket.IssueDate", fi.Ticket.IssueDate);
output(sb, "FormsIdentity.Ticket.Expiration", fi.Ticket.Expiration);
output(sb, "FormsIdentity.Ticket.Name", fi.Ticket.Name);
output(sb, "FormsIdentity.Ticket.CookiePath", fi.Ticket.CookiePath);
output(sb, "FormsIdentity.Ticket.UserData", fi.Ticket.UserData);
output(sb, "FormsIdentity.Ticket.Version", fi.Ticket.Version);
output(sb, "FormsIdentity.Ticket.IsPersistent", fi.Ticket.IsPersistent);
The point is, once authenticated, asp.net will only redirect the user to the login page if the authentication ticket has expired and the user is on a protected page. 关键是,一旦通过身份验证,如果身份验证票证已过期且用户位于受保护的页面上,asp.net将仅将用户重定向到登录页面。 Asp.net doesn't keep asking you to authenticate the user unnecessarily. Asp.net不会一直要求您不必要地对用户进行身份验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.