3 个解决方案
#1
自己先去嗖嗖看了
#2
使用HTTP module实现安全性登录:
using System;
using System.Web;
using System.Security.Principal;
namespace MyModules
{
public class CustomModule: IHttpModule
{
public CustomModule(){}
public void Dispose(){}
public void Init(HttpApplication app){
//建立安全模块
app.AuthenticateRequest +=new EventHandler(this.AuthenticateRequest) ;
}
private void AuthenticateRequest(object o,EventArgs e)
{
HttpApplication app=(HttpApplication)o;
HttpContext content=(HttpContext)app.Context ;
if((app.Request["userid"]==null)||(app.Request["password"]==null)){
content.Response.Write("未提供必需的参数!!") ;
content.Response.End() ;
}
string userid=app.Request["userid"].ToString();
string password=app.Request["password"].ToString();
string[] strRoles=AuthenticateAndGetRoles(userid, password);
if((strRoles==null)||(strRoles.GetLength(0)==0)){
content.Response.Write("未找到相配的角色!!") ;
app.CompleteRequest() ;
}
GenericIdentity objIdentity=new GenericIdentity(userid,"CustomAuthentication");
content.User=new GenericPrincipal(objIdentity,strRoles) ;
}
private string[] AuthenticateAndGetRoles(string r_strUserID,string r_strPassword){
string[] strRoles=null ;
if((r_strUserID.Equals("Steve"))&&(r_strPassword.Equals("15seconds"))){
strRoles=new String[1] ;
strRoles[0]="Administrator" ;
}
else if ((r_strUserID.Equals("Mansoor"))&&(r_strPassword.Equals("mas"))){
strRoles=new string[1] ;
strRoles[0]="User" ;
}
return strRoles ;
}
}
}
编译后生成:Custom.dll
编辑Web.config文件:
<system.web>
<httpModules>
<add name="Custom" type="MyModules.CustomModule,Custom"/>
</httpModules>
</system.web>
--
Custom.aspx页面内容:
<script language="c#" runat="server">
public void page_load(Object obj,EventArgs e)
{
lblMessage.Text = "<H1>Hi, " + User.Identity.Name + "</H1>";
if(User.IsInRole("Administrator"))
lblRole.Text="<H1>You are an Administrator</H1>";
else if(User.IsInRole("User"))
lblRole.Text = "<H1>You are a normal user</H1>";
}
</script>
<form runat="server">
<asp:Label id="lblMessage" forecolor="red" font-size="10pt" runat="server"/>
<asp:Label id="lblRole" forecolor="red" font-size="10pt" runat="server"/>
</form>
using System;
using System.Web;
using System.Security.Principal;
namespace MyModules
{
public class CustomModule: IHttpModule
{
public CustomModule(){}
public void Dispose(){}
public void Init(HttpApplication app){
//建立安全模块
app.AuthenticateRequest +=new EventHandler(this.AuthenticateRequest) ;
}
private void AuthenticateRequest(object o,EventArgs e)
{
HttpApplication app=(HttpApplication)o;
HttpContext content=(HttpContext)app.Context ;
if((app.Request["userid"]==null)||(app.Request["password"]==null)){
content.Response.Write("未提供必需的参数!!") ;
content.Response.End() ;
}
string userid=app.Request["userid"].ToString();
string password=app.Request["password"].ToString();
string[] strRoles=AuthenticateAndGetRoles(userid, password);
if((strRoles==null)||(strRoles.GetLength(0)==0)){
content.Response.Write("未找到相配的角色!!") ;
app.CompleteRequest() ;
}
GenericIdentity objIdentity=new GenericIdentity(userid,"CustomAuthentication");
content.User=new GenericPrincipal(objIdentity,strRoles) ;
}
private string[] AuthenticateAndGetRoles(string r_strUserID,string r_strPassword){
string[] strRoles=null ;
if((r_strUserID.Equals("Steve"))&&(r_strPassword.Equals("15seconds"))){
strRoles=new String[1] ;
strRoles[0]="Administrator" ;
}
else if ((r_strUserID.Equals("Mansoor"))&&(r_strPassword.Equals("mas"))){
strRoles=new string[1] ;
strRoles[0]="User" ;
}
return strRoles ;
}
}
}
编译后生成:Custom.dll
编辑Web.config文件:
<system.web>
<httpModules>
<add name="Custom" type="MyModules.CustomModule,Custom"/>
</httpModules>
</system.web>
--
Custom.aspx页面内容:
<script language="c#" runat="server">
public void page_load(Object obj,EventArgs e)
{
lblMessage.Text = "<H1>Hi, " + User.Identity.Name + "</H1>";
if(User.IsInRole("Administrator"))
lblRole.Text="<H1>You are an Administrator</H1>";
else if(User.IsInRole("User"))
lblRole.Text = "<H1>You are a normal user</H1>";
}
</script>
<form runat="server">
<asp:Label id="lblMessage" forecolor="red" font-size="10pt" runat="server"/>
<asp:Label id="lblRole" forecolor="red" font-size="10pt" runat="server"/>
</form>
#3
asp.net安全性高级编程
#1
自己先去嗖嗖看了
#2
使用HTTP module实现安全性登录:
using System;
using System.Web;
using System.Security.Principal;
namespace MyModules
{
public class CustomModule: IHttpModule
{
public CustomModule(){}
public void Dispose(){}
public void Init(HttpApplication app){
//建立安全模块
app.AuthenticateRequest +=new EventHandler(this.AuthenticateRequest) ;
}
private void AuthenticateRequest(object o,EventArgs e)
{
HttpApplication app=(HttpApplication)o;
HttpContext content=(HttpContext)app.Context ;
if((app.Request["userid"]==null)||(app.Request["password"]==null)){
content.Response.Write("未提供必需的参数!!") ;
content.Response.End() ;
}
string userid=app.Request["userid"].ToString();
string password=app.Request["password"].ToString();
string[] strRoles=AuthenticateAndGetRoles(userid, password);
if((strRoles==null)||(strRoles.GetLength(0)==0)){
content.Response.Write("未找到相配的角色!!") ;
app.CompleteRequest() ;
}
GenericIdentity objIdentity=new GenericIdentity(userid,"CustomAuthentication");
content.User=new GenericPrincipal(objIdentity,strRoles) ;
}
private string[] AuthenticateAndGetRoles(string r_strUserID,string r_strPassword){
string[] strRoles=null ;
if((r_strUserID.Equals("Steve"))&&(r_strPassword.Equals("15seconds"))){
strRoles=new String[1] ;
strRoles[0]="Administrator" ;
}
else if ((r_strUserID.Equals("Mansoor"))&&(r_strPassword.Equals("mas"))){
strRoles=new string[1] ;
strRoles[0]="User" ;
}
return strRoles ;
}
}
}
编译后生成:Custom.dll
编辑Web.config文件:
<system.web>
<httpModules>
<add name="Custom" type="MyModules.CustomModule,Custom"/>
</httpModules>
</system.web>
--
Custom.aspx页面内容:
<script language="c#" runat="server">
public void page_load(Object obj,EventArgs e)
{
lblMessage.Text = "<H1>Hi, " + User.Identity.Name + "</H1>";
if(User.IsInRole("Administrator"))
lblRole.Text="<H1>You are an Administrator</H1>";
else if(User.IsInRole("User"))
lblRole.Text = "<H1>You are a normal user</H1>";
}
</script>
<form runat="server">
<asp:Label id="lblMessage" forecolor="red" font-size="10pt" runat="server"/>
<asp:Label id="lblRole" forecolor="red" font-size="10pt" runat="server"/>
</form>
using System;
using System.Web;
using System.Security.Principal;
namespace MyModules
{
public class CustomModule: IHttpModule
{
public CustomModule(){}
public void Dispose(){}
public void Init(HttpApplication app){
//建立安全模块
app.AuthenticateRequest +=new EventHandler(this.AuthenticateRequest) ;
}
private void AuthenticateRequest(object o,EventArgs e)
{
HttpApplication app=(HttpApplication)o;
HttpContext content=(HttpContext)app.Context ;
if((app.Request["userid"]==null)||(app.Request["password"]==null)){
content.Response.Write("未提供必需的参数!!") ;
content.Response.End() ;
}
string userid=app.Request["userid"].ToString();
string password=app.Request["password"].ToString();
string[] strRoles=AuthenticateAndGetRoles(userid, password);
if((strRoles==null)||(strRoles.GetLength(0)==0)){
content.Response.Write("未找到相配的角色!!") ;
app.CompleteRequest() ;
}
GenericIdentity objIdentity=new GenericIdentity(userid,"CustomAuthentication");
content.User=new GenericPrincipal(objIdentity,strRoles) ;
}
private string[] AuthenticateAndGetRoles(string r_strUserID,string r_strPassword){
string[] strRoles=null ;
if((r_strUserID.Equals("Steve"))&&(r_strPassword.Equals("15seconds"))){
strRoles=new String[1] ;
strRoles[0]="Administrator" ;
}
else if ((r_strUserID.Equals("Mansoor"))&&(r_strPassword.Equals("mas"))){
strRoles=new string[1] ;
strRoles[0]="User" ;
}
return strRoles ;
}
}
}
编译后生成:Custom.dll
编辑Web.config文件:
<system.web>
<httpModules>
<add name="Custom" type="MyModules.CustomModule,Custom"/>
</httpModules>
</system.web>
--
Custom.aspx页面内容:
<script language="c#" runat="server">
public void page_load(Object obj,EventArgs e)
{
lblMessage.Text = "<H1>Hi, " + User.Identity.Name + "</H1>";
if(User.IsInRole("Administrator"))
lblRole.Text="<H1>You are an Administrator</H1>";
else if(User.IsInRole("User"))
lblRole.Text = "<H1>You are a normal user</H1>";
}
</script>
<form runat="server">
<asp:Label id="lblMessage" forecolor="red" font-size="10pt" runat="server"/>
<asp:Label id="lblRole" forecolor="red" font-size="10pt" runat="server"/>
</form>
#3
asp.net安全性高级编程