关于认证登录的问题,在别人代码里看到了下面这段,可是我发现我这么写也没问题(第二段代码),两者的区别是什么呢?
protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
{
HttpCookie authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null)
{
string encTicket = authCookie.Value;
if (!string.IsNullOrEmpty(encTicket))
{
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(encTicket);
MyIdentity id = new MyIdentity(ticket);
GenericPrincipal prin = new GenericPrincipal(id, id.Roles);
HttpContext.Current.User = prin;
}
}
}
protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
{
FormsIdentity id = HttpContext.Current.User.Identity as FormsIdentity;
if (id != null)
{
HttpContext.Current.User = new GenericPrincipal(FormsIdentity, new string[] { "" });
}
}
Asp.Net的身份标识模拟功能.Asp.Net在认证授权后可以自动将用户凭据转化成IPrincipal,实现IPrincipal的有好几种,你写的GenericPrincipal只是最简单的一种,还有满足NTLM认证的WindowsPrincipal等.