ASP. NET profile attributes

ASP. NET profile attributes

Purpose:

Store and use the unique information corresponding to the user

Display personalized Web ApplicationsProgram

The unique identity of a user is used to identify the user upon re-access.

How ASP. NET profile works

When your web application is running, ASP. NET creates a dynamically generated profilecommon class dynamically inherited from the profilebase class. The dynamic profilecommon class contains the fields owned by the profile attribute you specified in the Web application configuration file. An instance of the dynamic profilecommon class is set to the profile attribute of the current httpcontext and can be used on various pages of the application.

User identity of ASP. NET attributes

ASP. NET user profile feature is Design Used to provide information for a unique current user. Profile can be used together with authenticated users and anonymous users.

Authenticated User

By default, a user profile is associated with the user identity stored in the current HTTP context (which can be accessed through system. Web. httpcontext. Current. The user identity is determined by the following factors:

· ASP. NET form review system. After successful review, set the user identity.

· For Windows or passport review, set the user identity after successful review.

· Custom Review: you manage the credit creden。 and manually set the user identity.

ASP. NET form review includes creating a login form and prompting users to request creden. You can use the login control to create a login form and perform a non-encoding form review.

Anonymous user

When you browse a web application without logon, you are holding and using an anonymous user identity. The username of this user identity is a guid string. The user migration method can be used to transform anonymous users into audit users. In fact, the profile and cookie are generated for anonymous users, but the maintained status is stored on the local computer, if the cookie expires or another computer is used, information may be lost.

Development problems:

The ASP. NET profile attribute uses the form review mechanism to maintain the state through cookies, so that it is not affected by Session Timeout. Of course, it can also be set to sliding expire. ASP. the timeout time for the identity cookie held by the net profile attribute must be in the web. the timeout attribute is set on the forms element in the config file, which has a range limit on values. However, you can maintain a "permanent" profile by setting a large value. In fact, the cookie timeout time is too long, there is a security risk, but to meet some needs to use this method, but remember to encrypt the cookie and try to use the SSL connection to keep the cookie secure.

The fields and providers of the ASP. NET profile attribute must be set in the web. config file. The key lies in the provider. By default, lightweight databases (local database files) are used to support profile attributes. However, for enterprise-level development, use the aspnet_regsql command to generate databases, of course, this database can be an existing database to facilitate developers to develop the authentication and review functions of existing systems.

Another feature of ASP. NET profile is that the database stores the root and corresponding identity of each web application on the Web application server, so it is also used to implement SSO.

Link: http://hi.baidu.com/siceblue/blog/item/74131022c2c622a24623e8fc.html