類型：商務辦公大�。�11.3M語言：中文評分：10.0
標簽：

立即下載

有一套ASP.NET應用程序，用戶一般會用工號登錄，但是我們希望在應用程序中方便地訪問到該用戶相關(guān)的其他信息，例如用戶名或者工廠名稱。

按照標準的ASP.NET Membership的做法，它不能提供這樣的信息。Page.User.Identity.Name只是返回用戶登錄時使用的名稱，在本例中是工號。

我們的目標是，能不能實現(xiàn)Page.User.Identity.Name顯示用戶的真實名稱，而不是工號，甚至還可以顯示其他的一些信息。

要實現(xiàn)這樣的功能，我的思路是自定義身份驗證。下面就是我的步驟，可以供大家參考

第一步：自定義Identity

Identity在安全設計中很重要，他一般代表了用戶標識。本例中，我們添加了幾個特殊的屬性
publicclass SECIdentity : IIdentity
{
publicstring DisplayName
{ get; set; }
publicstring Factory { get; set; }
publicstring Name { get; set; }
publicstring AuthenticationType { get { return "Custom Authentication"; } }
publicbool IsAuthenticated {
get { returntrue; } }
publicoverridestring ToString()
{ returnstring.Format("{0},{1}", Factory, DisplayName); }
}

第二步：自定義Principal
一個用戶不僅需要有名稱等基本信息，它還應該具有另外一些信息，例如角色等等。這可以通過封裝成一個Principal來解決
publicclass SECPrincipal : IPrincipal

{ public SECPrincipal(string name, string displayName, string factory)
{ identity = new SECIdentity() { Name = name, DisplayName = displayName, Factory = factory };
}

private IIdentity identity;
public IIdentity Identity
{
get { return identity; }
}

publicbool IsInRole(string role)
{
returntrue; }
}

第三步：自定義MembershipProvider

我們需要有一個特殊的Provider，來讀取自定義數(shù)據(jù)庫，校驗用戶，并且把有關(guān)的數(shù)據(jù)都一起讀出來，請注意，作為演示，我只是實現(xiàn)了這個Provider的一個方法：ValidateUser.其他的方法都沒有實現(xiàn)

publicclass SECMembershipProvider:MembershipProvider
{ publicoverridestring ApplicationName
{ get
{ thrownew NotImplementedException(); }
set
{ thrownew NotImplementedException();
}
}

publicoverridebool ChangePassword(string username, string oldPassword, string newPassword)
{
thrownew NotImplementedException();
}
publicoverridebool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
{
thrownew NotImplementedException();
}
publicoverride MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
{
thrownew NotImplementedException();
}
publicoverridebool DeleteUser(string username, bool deleteAllRelatedData)
{
thrownew NotImplementedException();
}
publicoverridebool EnablePasswordReset
{
get { thrownew NotImplementedException(); }
}
publicoverridebool EnablePasswordRetrieval
{
get { thrownew NotImplementedException(); }
}
publicoverride MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, outint totalRecords)
{
thrownew NotImplementedException();
}
publicoverride MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, outint totalRecords)
{
thrownew NotImplementedException();
}
publicoverride MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, outint totalRecords)
{
thrownew NotImplementedException();
}
publicoverrideint GetNumberOfUsersOnline()
{
thrownew NotImplementedException();
}
publicoverridestring GetPassword(string username, string answer)
{
thrownew NotImplementedException();
}
publicoverride MembershipUser GetUser(string username, bool userIsOnline)
{
thrownew NotImplementedException();
}
publicoverride MembershipUser GetUser(object providerUserKey, bool userIsOnline)
{
thrownew NotImplementedException();
}

publicoverridestring GetUserNameByEmail(string email) {
thrownew NotImplementedException();
}

publicoverrideint MaxInvalidPasswordAttempts {
get { thrownew NotImplementedException(); }
}

publicoverrideint MinRequiredNonAlphanumericCharacters {
get { thrownew NotImplementedException(); }
}

publicoverrideint MinRequiredPasswordLength {
get { thrownew NotImplementedException(); }
}

publicoverrideint PasswordAttemptWindow {
get { thrownew NotImplementedException(); }
}

publicoverride MembershipPasswordFormat PasswordFormat {
get { thrownew NotImplementedException(); }
}

publicoverridestring PasswordStrengthRegularExpression {
get { thrownew NotImplementedException(); }
}

publicoverridebool RequiresQuestionAndAnswer {
get { thrownew NotImplementedException(); }
}

publicoverridebool RequiresUniqueEmail
{ get { thrownew NotImplementedException(); }
}

publicoverridestring ResetPassword(string username, string answer)
{
thrownew NotImplementedException();
}

publicoverridebool UnlockUser(string userName)
{
thrownew NotImplementedException(); }

publicoverridevoid UpdateUser(MembershipUser user)
{
thrownew NotImplementedException();
}
publicoverridebool ValidateUser(string username, string password)
{//這里可以實際讀取數(shù)據(jù)庫，對用戶名和密碼進行校驗
if (username == "007" && password == "password") { var cookie = new HttpCookie(username + "_data");
cookie.Values.Add("displayName", "ares");
cookie.Values.Add("factory", "shanghai");
HttpContext.Current.Response.Cookies.Add(cookie); returntrue;
}
returnfalse; }
}

大家注意這個ValidateUser方法，我們除了校驗用戶之外，還可以將用戶的displayName和factory讀取出來，放在cookie里面。這是為了下一步做準備。

第四步：注冊使用這個MembershipProvider<membershipdefaultProvider="SECMembershipProvider"><providers><clear/><addname="SECMembershipProvider"type="MvcApplicationSample.Extensions.SECMembershipProvider,MvcApplicationSample"/><addname="AspNetSqlMembershipProvider"type="System.Web.Security.SqlMembershipProvider"connectionStringName="ApplicationServices"enablePasswordRetrieval="false"enablePasswordReset="true"requiresQuestionAndAnswer="false"requiresUniqueEmail="false"maxInvalidPasswordAttempts="5"minRequiredPasswordLength="6"minRequiredNonalphanumericCharacters="0"passwordAttemptWindow="10"applicationName="/"/></providers></membership>

第五步：修改HttpContext.User屬性
這是我們至關(guān)重要的一步。我們希望替換掉默認那個HttpContext.User。

請注意，這個操作必須在一個特殊事件中來完成。請轉(zhuǎn)到global.asax文件中，添加如下代碼

void Application_PostAuthenticateRequest(object sender, EventArgs e)
{
var app = (HttpApplication)sender; if (app.User.Identity.IsAuthenticated)
{
var userName = app.User.Identity.Name;
var cookie = app.Request.Cookies[userName + "_data"];
var displayName = cookie.Values["displayName"];
var factory = cookie.Values["factory"];
HttpContext.Current.User= new Extensions.SECPrincipal(userName, displayName, factory);
}
}