ASP.NET C#身份验证自动化
[英]ASP.NET C# Authentication Autorization
问题描述
I am as a study project developed a website in ASP.net. 
我作为一个研究项目在ASP.net中开发了一个网站。 In my web.config file i have autheticaion mode as windows. 在我的web.config文件中,我将身份验证模式作为Windows。 and i am using an appsettings connection string to connect to my SQL2005 database. 我正在使用一个appsettings连接字符串来连接到我的SQL2005数据库。 Now i want to know what kind of authentication is this? 现在我想知道这是哪种身份验证? Is this windows? 这是窗户吗? forms? 形式? or anonymous authentication? 还是匿名身份验证?
I have user table in sql 2005 and my first screen is login page. 我在sql 2005中有用户表,而我的第一个屏幕是登录页面。 Obviously this user table has login details like username and password which will be matched to user input. 显然,此用户表具有将与用户输入匹配的登录详细信息,例如用户名和密码。
I dont understand i have read so many post on authorization and authienticaion but please clear me on this. 我不了解我已经阅读了太多关于授权和认证的文章,但是请在此说明我。 Thanks in advance. 提前致谢。
3 个解决方案
解决方案1
4 2012-10-29 10:26:47
You are currently using Windows authentication. 您当前正在使用Windows身份验证。 Your Windows username and password is used to authenticate you to asp.net. 您的Windows用户名和密码用于对asp.net进行身份验证。
A login page writing to a user table would be asp.net forms authentication. 写入用户表的登录页面将是asp.net表单身份验证。
Note that sql server authentication is a totally separate issue. 请注意,SQL Server身份验证是一个完全独立的问题。 It is up to your code to authenticate against your database. 对数据库进行身份验证取决于您的代码。 When doing so, the connection string in web.config file can be used. 这样做时,可以使用web.config文件中的连接字符串。
解决方案2
1 已采纳 2012-10-29 10:32:59
If you want customize your credentials of string connection in order to access your DataBase, you can use Integrated Security or Trusted_Connection 如果要自定义字符串连接的凭据以访问数据库,则可以使用Integrated Security或Trusted_Connection
When the value is true, the current credentials of the Windows account used for authentication. 值为true时,用于身份验证的Windows帐户的当前凭据。
Nota : in yur case i think that you can use FormsAuthentification (You have Windows Authentification) 注意:在您的情况下,我认为您可以使用FormsAuthentification (您具有Windows身份验证)
Link : http://msdn.microsoft.com/fr-fr/library/system.data.sqlclient.sqlconnection.connectionstring(v=vs.80).aspx 链接: http : //msdn.microsoft.com/fr-fr/library/system.data.sqlclient.sqlconnection.connectionstring(v=vs.80).aspx
Forms Authentification : 表格认证:
<authentication mode="Forms">
<forms loginUrl="~/login.aspx">
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
After your click 单击后
if (IsAuthenticatedValue) //You can adjust your condition
{
FormsAuthentication.RedirectFromLoginPage (.., ..);
}
else
{
Console.WriteLine("Invalid credentials. Please try again.");
}
Link : http://msdn.microsoft.com/fr-fr/library/xdt4thhy(v=vs.80).aspx 链接: http : //msdn.microsoft.com/fr-fr/library/xdt4thhy(v=vs.80).aspx
解决方案3
0 2012-10-29 10:32:18
In addition to the other answer here: 除了这里的其他答案:
Once the user is logged in, create a Session and store the fact they are logged in using that such as 用户登录后,创建一个Session并使用以下信息存储他们登录的事实,例如
Session["LoggedIn"] = true;
Session["Username"] = username;
Then check if they are logged in using your Code and authorise access to the page using that. 然后检查他们是否使用您的代码登录,并使用该代码授权访问页面。 So on page load if they logged in continue loading the page, else send them to the login page. 因此,在页面加载时,如果他们登录,则继续加载页面,否则将其发送到登录页面。
When you want to log the user off simply do Session.Clear(); 当您想注销用户时,只需执行Session.Clear();即可。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.