This is not necessarily an issue, I am just curious as to how it works. I have a method:
这不一定是一个问题,我只是好奇它是如何工作的。我有一个方法:
public static bool UserIsAuthenticated()
{
bool isAuthed = false;
try
{
if (HttpContext.Current.User.Identity.Name != null)
{
if (HttpContext.Current.User.Identity.Name.Length != 0)
{
FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity;
FormsAuthenticationTicket ticket = id.Ticket;
isAuthed = true;
string MyUserData = ticket.UserData;
}
}
}
catch { } // not authed
return isAuthed;
}
The HttpContext.Current.User.Identity.Name
returns null
if the user does not exist, but how does it know which usernames exist or do not exist?
如果用户不存在,HttpContext.Current.User.Identity.Name将返回null,但它如何知道哪些用户名存在或不存在?
5 个解决方案
#1
18
The HttpContext.Current.User.Identity.Name returns null
HttpContext.Current.User.Identity.Name返回null
This depends on whether the authentication mode is set to Forms or Windows in your web.config file.
这取决于您的web.config文件中的身份验证模式是设置为Forms还是Windows。
For example, if I write the authentication like this:
例如,如果我像这样编写身份验证:
<authentication mode="Forms"/>
Then because the authentication mode="Forms", I will get null for the username. But if I change the authentication mode to Windows like this:
然后因为身份验证模式=“表单”,我将为用户名获取null。但是,如果我将身份验证模式更改为Windows,如下所示:
<authentication mode="Windows"/>
I can run the application again and check for the username, and I will get the username successfully.
我可以再次运行该应用程序并检查用户名,我将成功获取用户名。
For more information, see System.Web.HttpContext.Current.User.Identity.Name Vs System.Environment.UserName in ASP.NET.
有关更多信息,请参见ASP.NET中的System.Web.HttpContext.Current.User.Identity.Name与System.Environment.UserName。
#2
47
For windows authentication
用于Windows身份验证
select your project.
选择你的项目。
Press F4
按F4
Disable "Anonymous Authentication" and enable "Windows Authentication"
禁用“匿名身份验证”并启用“Windows身份验证”
#3
2
Also check that
还检查一下
<modules>
<remove name="FormsAuthentication"/>
</modules>
If you found anything like this just remove:
如果你发现这样的东西,只需删除:
<remove name="FormsAuthentication"/>
Line from web.config and here you go it will work fine I have tested it.
来自web.config的行,在这里你去它将工作正常我已经测试过它。
#4
2
Assume a network environment where a "user" (aka you) has to logon. Usually this is a User ID (UID) and a Password (PW). OK then, what is your Identity, or who are you? You are the UID, and this gleans that "name" from your logon session. Simple! It should also work in an internet application that needs you to login, like Best Buy and others.
假设“用户”(也就是您)必须登录的网络环境。通常这是用户ID(UID)和密码(PW)。那么,你的身份是什么,或者你是谁?您是UID,这可以从您的登录会话中“命名”。简单!它也应该在需要您登录的互联网应用程序中工作,例如Best Buy和其他人。
This will pull my UID, or "Name", from my session when I open the default page of the web application I need to use. Now, in my instance, I am part of a Domain, so I can use initial Windows authentication, and it needs to verify who I am, thus the 2nd part of the code. As for Forms Authentication, it would rely on the ticket (aka cookie most likely) sent to your workstation/computer. And the code would look like:
当我打开我需要使用的Web应用程序的默认页面时,这将从我的会话中拉出我的UID或“名称”。现在,在我的实例中,我是域的一部分,所以我可以使用初始Windows身份验证,它需要验证我是谁,因此代码的第二部分。至于表单身份验证,它将依赖于发送到您的工作站/计算机的票证(最有可能是cookie)。代码看起来像:
string id = HttpContext.Current.User.Identity.Name;
// Strip the domain off of the result
id = id.Substring(id.LastIndexOf(@"\", StringComparison.InvariantCulture) + 1);
Now it has my business name (aka UID) and can display it on the screen.
现在它有我的公司名称(又名UID),可以在屏幕上显示。
#5
0
How does [HttpContext.Current.User] know which usernames exist or do not exist?
[HttpContext.Current.User]如何知道哪些用户名存在或不存在?
Let's look at an example of one way this works. Suppose you are using Forms Authentication and the "OnAuthenticate" event fires. This event occurs "when the application authenticates the current request" (Reference Source).
让我们看一下这种方法的一个例子。假设您正在使用表单身份验证并触发“OnAuthenticate”事件。 “当应用程序验证当前请求时”(参考源)发生此事件。
Up until this point, the application has no idea who you are.
到目前为止,应用程序根本不知道你是谁。
Since you are using Forms Authentication, it first checks by parsing the authentication cookie (usually .ASPAUTH) via a call to ExtractTicketFromCookie
. This calls FormsAuthentication.Decrypt
(This method is public; you can call this yourself!). Next, it calls Context.SetPrincipalNoDemand
, turning the cookie into a user and stuffing it into Context.User
(Reference Source).
由于您使用的是表单身份验证,因此首先通过调用ExtractTicketFromCookie来解析身份验证cookie(通常为.ASPAUTH)。这称为FormsAuthentication.Decrypt(此方法是公共的;您可以自己调用它!)。接下来,它调用Context.SetPrincipalNoDemand,将cookie转换为用户并将其填充到Context.User(Reference Source)中。
#1
18
The HttpContext.Current.User.Identity.Name returns null
HttpContext.Current.User.Identity.Name返回null
This depends on whether the authentication mode is set to Forms or Windows in your web.config file.
这取决于您的web.config文件中的身份验证模式是设置为Forms还是Windows。
For example, if I write the authentication like this:
例如,如果我像这样编写身份验证:
<authentication mode="Forms"/>
Then because the authentication mode="Forms", I will get null for the username. But if I change the authentication mode to Windows like this:
然后因为身份验证模式=“表单”,我将为用户名获取null。但是,如果我将身份验证模式更改为Windows,如下所示:
<authentication mode="Windows"/>
I can run the application again and check for the username, and I will get the username successfully.
我可以再次运行该应用程序并检查用户名,我将成功获取用户名。
For more information, see System.Web.HttpContext.Current.User.Identity.Name Vs System.Environment.UserName in ASP.NET.
有关更多信息,请参见ASP.NET中的System.Web.HttpContext.Current.User.Identity.Name与System.Environment.UserName。
#2
47
For windows authentication
用于Windows身份验证
select your project.
选择你的项目。
Press F4
按F4
Disable "Anonymous Authentication" and enable "Windows Authentication"
禁用“匿名身份验证”并启用“Windows身份验证”
#3
2
Also check that
还检查一下
<modules>
<remove name="FormsAuthentication"/>
</modules>
If you found anything like this just remove:
如果你发现这样的东西,只需删除:
<remove name="FormsAuthentication"/>
Line from web.config and here you go it will work fine I have tested it.
来自web.config的行,在这里你去它将工作正常我已经测试过它。
#4
2
Assume a network environment where a "user" (aka you) has to logon. Usually this is a User ID (UID) and a Password (PW). OK then, what is your Identity, or who are you? You are the UID, and this gleans that "name" from your logon session. Simple! It should also work in an internet application that needs you to login, like Best Buy and others.
假设“用户”(也就是您)必须登录的网络环境。通常这是用户ID(UID)和密码(PW)。那么,你的身份是什么,或者你是谁?您是UID,这可以从您的登录会话中“命名”。简单!它也应该在需要您登录的互联网应用程序中工作,例如Best Buy和其他人。
This will pull my UID, or "Name", from my session when I open the default page of the web application I need to use. Now, in my instance, I am part of a Domain, so I can use initial Windows authentication, and it needs to verify who I am, thus the 2nd part of the code. As for Forms Authentication, it would rely on the ticket (aka cookie most likely) sent to your workstation/computer. And the code would look like:
当我打开我需要使用的Web应用程序的默认页面时,这将从我的会话中拉出我的UID或“名称”。现在,在我的实例中,我是域的一部分,所以我可以使用初始Windows身份验证,它需要验证我是谁,因此代码的第二部分。至于表单身份验证,它将依赖于发送到您的工作站/计算机的票证(最有可能是cookie)。代码看起来像:
string id = HttpContext.Current.User.Identity.Name;
// Strip the domain off of the result
id = id.Substring(id.LastIndexOf(@"\", StringComparison.InvariantCulture) + 1);
Now it has my business name (aka UID) and can display it on the screen.
现在它有我的公司名称(又名UID),可以在屏幕上显示。
#5
0
How does [HttpContext.Current.User] know which usernames exist or do not exist?
[HttpContext.Current.User]如何知道哪些用户名存在或不存在?
Let's look at an example of one way this works. Suppose you are using Forms Authentication and the "OnAuthenticate" event fires. This event occurs "when the application authenticates the current request" (Reference Source).
让我们看一下这种方法的一个例子。假设您正在使用表单身份验证并触发“OnAuthenticate”事件。 “当应用程序验证当前请求时”(参考源)发生此事件。
Up until this point, the application has no idea who you are.
到目前为止,应用程序根本不知道你是谁。
Since you are using Forms Authentication, it first checks by parsing the authentication cookie (usually .ASPAUTH) via a call to ExtractTicketFromCookie
. This calls FormsAuthentication.Decrypt
(This method is public; you can call this yourself!). Next, it calls Context.SetPrincipalNoDemand
, turning the cookie into a user and stuffing it into Context.User
(Reference Source).
由于您使用的是表单身份验证,因此首先通过调用ExtractTicketFromCookie来解析身份验证cookie(通常为.ASPAUTH)。这称为FormsAuthentication.Decrypt(此方法是公共的;您可以自己调用它!)。接下来,它调用Context.SetPrincipalNoDemand,将cookie转换为用户并将其填充到Context.User(Reference Source)中。