ASP. NET-User ID of configuration file attributes

 

The ASP. Net user configuration file function is designed to provide the unique information of the current user. Configuration files can be used by authenticated users or anonymous (unauthenticated) users.

 

1. Authenticated Users

By default, the user configuration file is associated with the user ID stored in the current HTTP context (which can be accessed through the httpcontext...:. Current attribute. The user identity can be determined in the following ways:

ASP. NET Forms authentication system, which sets the user ID after the authentication is successful.

Windows or passport authentication. This feature sets the user ID after authentication is successful.

User-Defined identity authentication, and manual management of user creden。 acquisition and user identity settings.

For ASP. NET Forms authentication, you need to create a logon form and prompt the user to provide creden. The ASP. Net Logon control allows you to create a logon form and perform Forms authentication without writing any code. For information on using ASP. NET to authenticate users, see ASP. Net Logon control overview and membership management users.

 

2. Anonymous Users

The configuration file can also be used by anonymous users. By default, anonymous configuration file support is not enabled, so it must be explicitly enabled. In addition, when defining the properties of the configuration file in the web. config file, you must explicitly define it to be used independently by anonymous users. Because the configuration file may be designed for authenticated users and many attributes may contain personal information unavailable to anonymous users, the configuration file attribute does not support anonymous access by default.

If the anonymous identity is enabled, ASP. NET creates a unique identity for the user when accessing the site for the first time. The Unique User ID is stored in the cookie on the user's computer, so that the user can be identified for each page request. The default cookie validity period is about 70 days. When a user accesses a site, the cookie is updated on a regular basis. If the user's computer does not accept cookies, the user's identity can be maintained as part of the requested page url (although the identity will be lost when the user closes the browser ).

 

3. migrate anonymous configuration file information

In some cases, your application may initially maintain personalized settings for anonymous users, but the user is logged on to your application. In this case, the user's identity is changed from the assigned anonymous user identity to the identity provided by the authentication process.

When a user logs on (no longer an anonymous user), The migrateanonymous event is triggered. If necessary, the event can be processed to migrate information from the user's anonymous identity to the new authenticated identity. The following code example shows how to migrate information when a user passes authentication.

Public void profile_onmigrateanonymous (Object sender, profilemigrateeventargs ARGs)

{

Profilecommon anonymousprofile = profile. getprofile (ARGs. anonymousid );

 

Profile. zipcode = anonymouspusprofile. zipcode;

Profile. cityandstate = anonymousprofile. cityandstate;

Profile. stocksymbols = anonymouspusprofile. stocksymbols;

 

////////

// Delete the anonymous profile. If the anonymous ID is not

// Needed in the rest of the site, remove the anonymous cookie.

 

Profilemanager. deleteprofile (ARGs. anonymousid );

Anonymousidentificationmodule. clearanonymousidentifier ();

 

// Delete the user row that was created for the anonymous user.

Membership. deleteuser (ARGs. anonymousid, true );

 

}