Double username/password validation on MVC site?
Question
Hi,
I have built a ASP.NET MVC website that uses Membership, this works fine. During the sites beta test I need to ensure that only beta testers are able to visit my website so a second(really the first login) login has to be made.
The question is how I can do this as easy and fast as possible without involving the current membership setup?
It's okay if the username and password is static/hardcoded but it's important that once the outer login is completed, no more login requests will be made during the session. It's important that the current MVC Membership works as before.
2 answers
solution1
1 2011-12-31 20:31:38
Unfortunately, the Forms and BasicAuthentication modes do not work together. This is because there is only one "IPrincipal" variable on the HttpContext (IMHO called User). But if you were using two different authentication schemes at the same time, the last one would always win. This is why this is not supported. People would get unexpected results.
But it can be done pretty easily: You need to implement basic authentication yourself. This can be done during the BeginRequest event. You can hook it up in Global.asax (preferred) or in an HTTP module.
Implementing BasicAuth is not complicated: http://en.wikipedia.org/wiki/Basic_access_authentication
If you want to hardcode the credentials inside of the basic auth code you will be done in 30min.
solution2
0 ACCPTED 2012-01-13 22:02:26
I ended up with a new role(tester). This did involve alot of refactoring but it seems to work really well.
When the testuser is loging in and the site is set in test mode the returned user will be "" witch means no user.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.