stackoom
  简体   繁体   中英

ASP.NET C# Authentication Autorization

 原文  2012-10-29 10:21:54       c#/ asp.net/ sql-server/ authorization/ windows-authentication

Question

I am as a study project developed a website in ASP.net. In my web.config file i have autheticaion mode as windows. and i am using an appsettings connection string to connect to my SQL2005 database. Now i want to know what kind of authentication is this? Is this windows? forms? or anonymous authentication?

I have user table in sql 2005 and my first screen is login page. Obviously this user table has login details like username and password which will be matched to user input.

I dont understand i have read so many post on authorization and authienticaion but please clear me on this. Thanks in advance.

3 answers

solution1
 4  2012-10-29 10:26:47

You are currently using Windows authentication. Your Windows username and password is used to authenticate you to asp.net.

A login page writing to a user table would be asp.net forms authentication.

Note that sql server authentication is a totally separate issue. It is up to your code to authenticate against your database. When doing so, the connection string in web.config file can be used.

solution2
 1 ACCPTED  2012-10-29 10:32:59

If you want customize your credentials of string connection in order to access your DataBase, you can use Integrated Security or Trusted_Connection

When the value is true, the current credentials of the Windows account used for authentication.

Nota : in yur case i think that you can use FormsAuthentification (You have Windows Authentification)

Link : http://msdn.microsoft.com/fr-fr/library/system.data.sqlclient.sqlconnection.connectionstring(v=vs.80).aspx

Forms Authentification : 

<authentication mode="Forms">
 <forms loginUrl="~/login.aspx">
</forms>
</authentication> 
<authorization>
  <deny users="?" />
</authorization>

After your click 

 if (IsAuthenticatedValue) //You can adjust  your condition
  {
      FormsAuthentication.RedirectFromLoginPage (.., ..);
  }
  else
  {
      Console.WriteLine("Invalid credentials. Please try again.");
  }

Link : http://msdn.microsoft.com/fr-fr/library/xdt4thhy(v=vs.80).aspx

solution3
 0  2012-10-29 10:32:18

In addition to the other answer here:

Once the user is logged in, create a Session and store the fact they are logged in using that such as 

Session["LoggedIn"] = true; 
Session["Username"] = username;

Then check if they are logged in using your Code and authorise access to the page using that. So on page load if they logged in continue loading the page, else send them to the login page.

When you want to log the user off simply do Session.Clear();

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question LDAP authentication in C# in asp.net c#, ASP.net with MVC 5.0 - issue with Google Authentication Resetting users password in forms authentication asp.net C# c# windows authentication for a asp.net web interface Forum solution (asp.net c#) handling Windows Authentication Google authentication with C# ASP.NET Core Web API Form Authentication NO ASP.net Just C# & MYSQL Google Analytics Authentication Help ASP.NET C# Using windows authentication in asp.net with c# How to display Windows Authentication on webpage with asp.net/C#?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM