ASP. NET authentication code has been written for a long time, and I always want to write something else. This is not the case. The above mentioned integration of two projects to form a Single login Single Sign On), also known as "Single Sign-On ". After reading the relevant documents, I finally realized it. Now I will share it with you. You may ask, "Is this not the same as the title ?" Don't worry. Before I start, I thought about some problems I encountered when I was using Form authentication and some skills I used in the process. The writing level is limited. I would like to ask you for a large amount of data and the programming ability is not very good. This article is for your learning and communication. If you repost it, please note that the original author is Nai Hanyu Feng. I am not very grateful!
This is almost the case. To put it bluntly, there are four authentication modes: "Windows", "Form", "Passport", and "None" for ASP. NET security authentication. "Windows" and "None" do not play a protection role and are not recommended. I have never used "Passport", alas ...... So I have to talk about "Form" certification. I plan to divide it into three parts:
Part 1 -- How to Implement Form authentication;
Part 2: Practical Application of Form authentication;
Part 3: Single Sign On (Single Sign On)
Part 1 How to Use Form for ASP. NET Authentication
1. Create a test project
To better illustrate, it is necessary to create a new test project, which is now "FormTest"). Three pages are adequate: Default. aspx, Login. aspx, UserInfo. aspx ). What? No one will create a project or add a page? What should I do? I think it's okay: drag it out, call it back, learn from kindergarten ......
2. modify Web. config
1. Double-click "Web. config" in the project and click "PP)
2. Find the following text and change it:
- <authentication mode="Forms">
- <forms loginUrl="Login.aspx" name=".ASPXAUTH"> forms>
- authentication>
3. FindChange
- <authorization><deny users="?"> deny> authorization>
There is nothing to say here, just copy it. However, some people may make a mistake as follows:
- <authentication mode="Forms">
- <forms loginUrl="Login.aspx" name=".APSX"> forms>
- <deny users="?"> deny>
- authentication>
If you want to ask who Put in, I will be honored to tell you that it was me N years ago: I started with the auth letter and ended with the ation, what is it like; I thought they were a group of English words ......
3. Write. cs code-Logon and exit
1. logon code:
A. Introduced in books
- private void Btn_Login_Click(object sender, System.EventArgs e)
- {
- if(this.Txt_UserName.Text=="Admin" && this.Txt_Password.Text=="123456")
- {
- System.Web.Security.FormsAuthentication.RedirectFromLoginPage(this.Txt_UserName.Text,false);
- }
- }
B. I have been searching for N for a long time.
- private void Btn_Login_Click(object sender, System.EventArgs e)
- {
- if(this.Txt_UserName.Text=="Admin" && this.Txt_Password.Text=="123456")
- {
- System.Web.Security.FormsAuthentication.SetAuthCookie(this.Txt_UserName.Text,false);
- Response.Redirect("Default.aspx");
- }
- }
The two types of cookies can be issued after verification, that is, they pass verification. difference:
Method a) returns the request page after verification, which is commonly known as "from where to where ". For example, if you enter http: // localhost/FormTest/UserInfo. aspx directly in the IE address bar before logging on, the user will see Login. aspx? ReturnUrl = UserInfo. aspx. After the user name and password are entered, the system returns the corresponding page based on the value of "ReturnUrl ".
Method B) two steps are taken: after the verification is passed, the Cookie is directly issued, and the jump page will be designated by the programmer. This method is mostly used in the system where Default. aspx uses the framework structure.
2. ASP. NET authentication exit code:
- private void Btn_LogOut_Click(object sender, System.EventArgs e)
- {
- System.Web.Security.FormsAuthentication.SignOut();
- }
Iv. How to determine whether ASP. NET authentication is successful or not and obtain user information after ASP. NET Authentication
Sometimes, you need to determine whether the user has logged on to the same page and then display different la S. Some people like to use the Session to judge, and I do not oppose this kind of practice. Here I just want to tell you there is another method and read the following code:
- If(User. Identity. IsAuthenticated)
- {
- // You have passed ASP. NET authentication. Do you know what to do?
- }
User. identity also has two authentication types: AuthenticationType and Name User Name. Note that the Name attribute is the User. identity. name will get, when the verification passes RedirectFromLoginPage or SetAuthCookie), we bring the first parameter this. txt_UserName.Text.
- XML data displayed on the ASP. NET page
- What is iframe asp. NET?
- ASP. NET lifecycle display
- Solve the Problem of ASP. net ajax script errors
- ASP. NET Applications