我是照着 MSDN 做的,网址:http://msdn.microsoft.com/zh-cn/library/ms998347.aspx 。使用 Membership.ValidateUser() 方法时返回 false,用断点也进入不了 Membership 类调试。下面是我的代码:
一共有三个页面WebForm,一个Login.aspx(登陆页面),Info.aspx(登陆成功跳转到这个页面),Default.aspx(注销页面)
请大家看看是不是我哪里没有配置好:Membership.ValidateUser() 总是返回 false,无法验证 AD 用户是否存在。
Login.aspx
1 <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="WebApplication1.Login" %> 2 3 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 4 5 <html xmlns="http://www.w3.org/1999/xhtml" > 6 <head runat="server"> 7 <title>无标题页</title> 8 </head> 9 <body> 10 <form id="form1" runat="server"> 11 <div> 12 <asp:Button ID="Button1" runat="server" Text="Button" onclick="Button1_Click" /> 13 </div> 14 </form> 15 </body> 16 </html>
Login.aspx.cs
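using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

namespace WebApplication1
{
    /// <summary>
    /// Login page: validates a user through the configured membership provider and,
    /// on success, issues a forms-authentication ticket that carries the user's roles.
    /// </summary>
    public partial class Login : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
        }

        /// <summary>
        /// Handles the login button: validates the credentials, writes the
        /// authentication cookie and redirects to Info.aspx; writes an error
        /// message into the response when validation fails.
        /// </summary>
        /// <param name="sender">The button that raised the event.</param>
        /// <param name="e">Unused event data.</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            // NOTE(review): the credentials are hard-coded for this experiment. A real
            // login page should read them from the posted form and never keep a
            // password in source.
            // NOTE(review): ActiveDirectoryMembershipProvider maps the login name to
            // userPrincipalName unless attributeMapUsername says otherwise, so a
            // DOMAIN\user value is a likely reason ValidateUser returns false;
            // confirm against the provider settings in web.config.
            string userId = "Test\\lewis";
            string pa = "123456";
            string roles = "Administrator"; // role data obtained from elsewhere

            if (!Membership.ValidateUser(userId, pa))
            {
                Response.Write("无效用户名或密码!");
                return;
            }

            // Build the ticket; the role list travels in UserData and is read back
            // in Application_AuthenticateRequest.
            DateTime issuedAt = DateTime.Now;
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1, userId, issuedAt, issuedAt.AddMinutes(1), true, roles);

            // Serialize and protect the ticket so it can be stored in a cookie.
            string protectedTicket = FormsAuthentication.Encrypt(ticket);

            HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, protectedTicket);
            // Keep the ticket away from client-side script and honour the
            // requireSSL setting of the <forms> element.
            authCookie.HttpOnly = true;
            authCookie.Secure = FormsAuthentication.RequireSSL;
            // NOTE(review): the cookie keeps the default path "/", while web.config
            // sets path="/FormsAuth" on <forms>. FormsAuthentication.SignOut() expires
            // the cookie at the configured path, so confirm the two agree or logout
            // may not clear this cookie.
            Context.Response.Cookies.Add(authCookie);

            Response.Redirect("Info.aspx");

            // The built-in alternative is
            // FormsAuthentication.RedirectFromLoginPage(userId, false): it creates the
            // ticket for the user name and adds it to the response cookies. Passing
            // true as the second argument creates a persistent cookie that survives
            // browser sessions; false requires a new login after the browser closes.
        }
    }
}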
Info.aspx
1 <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Info.aspx.cs" Inherits="WebApplication1.Info" %> 2 3 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 4 5 <html xmlns="http://www.w3.org/1999/xhtml" > 6 <head runat="server"> 7 <title>无标题页</title> 8 </head> 9 <body> 10 <form id="form1" runat="server"> 11 <div> 12 13 </div> 14 </form> 15 </body> 16 </html>
info.aspx.cs
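using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

namespace WebApplication1
{
    /// <summary>
    /// Landing page after login: prints whether the request is authenticated
    /// and the name of the current user.
    /// </summary>
    public partial class Info : System.Web.UI.Page
    {
        /// <summary>
        /// Writes the authentication state and user name into the response.
        /// </summary>
        /// <param name="sender">The page that raised the event.</param>
        /// <param name="e">Unused event data.</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // The identity name is echoed straight into the HTML response, so it is
            // HTML-encoded first; a plain name such as DOMAIN\user is unchanged.
            string status = User.Identity.IsAuthenticated + " " + User.Identity.Name;
            Response.Write(HttpUtility.HtmlEncode(status));
        }
    }
}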
Default.aspx
1 <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="WebApplication1._Default" %> 2 3 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 4 5 <html xmlns="http://www.w3.org/1999/xhtml" > 6 <head runat="server"> 7 <title>无标题页</title> 8 </head> 9 <body> 10 <form id="form1" runat="server"> 11 <div> 12 <asp:Button Text="注销用户" ID="btnLogout" runat="server" 13 onclick="btnLogout_Click"/> 14 </div> 15 </form> 16 </body> 17 </html>
Default.aspx.cs
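using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

namespace WebApplication1
{
    /// <summary>
    /// Page that hosts the logout button.
    /// </summary>
    public partial class _Default : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
        }

        /// <summary>
        /// Signs the user out of forms authentication and sends the browser
        /// to the login page.
        /// </summary>
        /// <param name="sender">The button that raised the event.</param>
        /// <param name="e">Unused event data.</param>
        protected void btnLogout_Click(object sender, EventArgs e)
        {
            FormsAuthentication.SignOut();

            // SignOut only expires the cookie in the outgoing response; without a
            // redirect the current page still renders for the signed-in user.
            FormsAuthentication.RedirectToLoginPage();
        }
    }
}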
web.config
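<?xml version="1.0"?>
<configuration>
  <appSettings/>
  <connectionStrings>
    <!-- Directory container that the membership provider searches for users. -->
    <add name="ADConnectionString" connectionString="LDAP://192.168.210.123/CN=Users,DC=Test,DC=com"/>
  </connectionStrings>

  <system.web>
    <compilation debug="true" targetFramework="4.0"/>

    <!--
      Forms authentication settings.
      requireSSL="false" lets the authentication cookie travel over plain HTTP;
      switch it to true once the site is served over HTTPS.
      NOTE(review): path="/FormsAuth" limits where the cookie issued by the
      framework is valid, and it is the path FormsAuthentication.SignOut()
      expires; confirm it matches where the application is actually hosted.
    -->
    <authentication mode="Forms">
      <forms loginUrl="Login.aspx"
             protection="All"
             timeout="30"
             name="AppNameCookie"
             path="/FormsAuth"
             requireSSL="false"
             slidingExpiration="true"
             defaultUrl="Default.aspx"
             cookieless="UseCookies"
             enableCrossAppRedirects="false"/>
    </authentication>

    <!-- Anonymous users are denied everywhere; any authenticated user is allowed. -->
    <authorization>
      <deny users="?" />
      <allow users="*" />
    </authorization>

    <!--
      Active Directory membership provider.
      The assembly version is aligned with targetFramework="4.0"; the runtime
      normally unifies an older System.Web reference, so this is a consistency
      fix rather than a behaviour change.
      connectionUsername and connectionPassword are the account the provider
      binds with, and they sit here in clear text. Use a dedicated
      low-privilege service account and encrypt this section with protected
      configuration instead of reusing a user's own credentials.
      NOTE(review): the provider matches the login name against
      userPrincipalName unless attributeMapUsername is set, so the format of
      the name passed to Membership.ValidateUser must agree with that mapping.
    -->
    <membership defaultProvider="MembershipADProvider">
      <providers>
        <add
          name="MembershipADProvider"
          type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
          connectionStringName="ADConnectionString"
          connectionUsername="Test\lewis"
          connectionPassword="123456"/>
      </providers>
    </membership>

    <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
  </system.web>

  <!-- Role-based authorization: only the Administrator role may open Info.aspx. -->
  <location path="Info.aspx">
    <system.web>
      <authorization>
        <allow roles="Administrator"/>
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>
</configuration>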
Global.asax
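/// <summary>
/// Rebuilds the request principal so that it carries the roles stored in the
/// forms-authentication ticket's UserData (a comma-separated list).
/// </summary>
/// <param name="sender">The <see cref="HttpApplication"/> raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    HttpApplication app = (HttpApplication)sender;
    HttpContext context = app.Context; // HttpContext of the current request

    // Roles are attached only to requests that are already authenticated.
    if (!context.Request.IsAuthenticated)
    {
        return;
    }

    // Under Windows authentication the identity is not a FormsIdentity; a direct
    // cast would throw InvalidCastException on every request, so such identities
    // are left as they are.
    FormsIdentity formsIdentity = context.User.Identity as FormsIdentity;
    if (formsIdentity == null)
    {
        return;
    }

    // An empty or missing UserData yields no roles instead of one empty role name.
    string userData = formsIdentity.Ticket.UserData ?? string.Empty;
    string[] roles = userData.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);

    // Replace the principal with one that answers IsInRole for the ticket's roles.
    context.User = new System.Security.Principal.GenericPrincipal(formsIdentity, roles);
}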
请大家看看是不是我哪里没有配置好:Membership.ValidateUser() 总是返回 false,无法验证 AD 用户是否存在。
怎么没人回复,分给的太少?
首先要设置 authentication mode="Windows"。
用authentication mode="windows",把具体的配置给说说,特别是web.config
你的程序配置里用的是 Forms authentication,应该改用 Windows authentication。
<system.web>
<authentication mode="Windows" />
<identity impersonate="true" />
</system.web>