当前位置:编程学习 > asp >>

asp.net提供的3种认证方式

asp.net提供了3种认证方式: windows身份验证, Forms验证和Passport验证.
windows身份验证: IIS根据应用程序的设置执行身份验证.要使用这种验证方式,在IIS中必须禁用匿名访问.
Forms验证:用Cookie来保存用户凭证,并将 未经身份验证的用户重定向到自定义的登录页.
Passport验证:通过Microsoft的集中身份验证服务执行的,他为成员站点提供单独登录 和核心配置文件服务.
一. 配置windows身份验证
     1)配置IIS设置
asp.net身份验证方式(ref:DreamSpace <wbr>of <wbr>Dern)
      
    2)设置Web.config
     <system.web>
            <authentication mode = "Windows">
            <!--通知操作系统将当前登录的用户的信任书传递给浏览器-->
              <authorization>
                   <!--禁止匿名用户访问-->
                  <deny users = "?"/>
            </authorization>
      </system.web>
二.配置Forms身份认证
    1)配置web.config
    
<?xml version="1.0"?>
<!--
     Note: As an alternative to hand editing this file you can use the
     web admin tool to configure settings for your application. Use
     the Website->Asp.Net Configuration option in Visual Studio.
     A full list of settings and comments can be found in
     machine.config.comments usually located in
     \Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
 <appSettings/>
 <connectionStrings/>
  <!--允许匿名用户登录register.aspx页-->
  <location path="register.aspx">
    <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>
  </location>
 <system.web>
  <!--
             Set compilation debug="true" to insert debugging
             symbols into the compiled page. Because this
             affects performance, set this value to true only
             during development.
        -->
  <compilation debug="true"/>
  <!--
             The <authentication> section enables configuration
             of the security authentication mode used by
             ASP.NET to identify an incoming user.
        -->
  <authentication mode="Forms">
   <forms name="auth" loginUrl="login.aspx" timeout="30" protection="All" path="/"></forms>
  </authentication>
  <!--禁止匿名用户登录-->
  <authorization>
   <deny users="?"/>
  </authorization>
  <!--
             The <customErrors> section enables configuration
             of what to do if/when an unhandled error occurs
             during the execution of a request. Specifically,
             it enables developers to configure html error pages
             to be displayed in place of a error stack trace.

         <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
             <error statusCode="403" redirect="NoAccess.htm" />
             <error statusCode="404" redirect="FileNotFound.htm" />
         </customErrors>
        -->
 </system.web>
</configuration>


 
2)登录页面代码
            login.aspx
         
1<%@ Page Language="C#" AutoEventWireup="true" CodeFile="login.aspx.cs" Inherits="login" %>
2
3<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
4
5<html xmlns="http://www.w3.org/1999/xhtml" >
6<head runat="server">
7    <title>Untitled Page</title>
8</head>
9<body>
10    <form id="form1" runat="server">
11    <div>
12        <asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
13        <asp:Button ID="Button1" runat="server" OnClick="Button1_Click" Text="登陆" /></div>
14    </form>
15</body>
16</html>
 
1using System;
2using System.Data;
3using System.Configuration;
4using System.Collections;
5using System.Web;
6using System.Web.Security;
7using System.Web.UI;
8using System.Web.UI.WebControls;
9using System.Web.UI.WebControls.WebParts;
10using System.Web.UI.HtmlControls;
11
12public partial class login : System.Web.UI.Page
13{
14    protected void Page_Load(object sender, EventArgs e)
15    {
16
17     }
18    protected void Button1_Click(object sender, EventArgs e)
19    {
20         FormsAuthentication.RedirectFromLoginPage(this.TextBox1.Text, false);
21     }
22}
23

三.配置Passport身份认证
    需要安装Passport Software Developer Kit.这种认证方式适合于跨站之间的应用,用户只有一个用户名和密码可以访问任何成员站。
IIS 身份验证
如果 ASP.NET 针对 Windows 身份验证进行配

补充:Web开发 , ASP.Net ,
CopyRight © 2022 站长资源库 编程知识问答 zzzyk.com All Rights Reserved
部分文章来自网络,