首页 新闻 搜索 专区 学院

如何使用Membership进行AD用户登陆验证

0
悬赏园豆:100 [待解决问题]

我是照着MSDN做的,网址:http://msdn.microsoft.com/zh-cn/library/ms998347.aspx使用Membership.ValidateUser()方法,返回的false,使用断点也进入不到Membership类调试,下面是我的代码

一共有三个页面WebForm,一个Login.aspx(登陆页面),Info.aspx(登陆成功跳转到这个页面),Default.aspx(注销页面)

请大家看看是不是我哪里没有配置好,Membership.ValidateUser()总是返回false,无法验证AD用户的是否存在?

 

Login.aspx

 1 <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="WebApplication1.Login" %>
 2 
 3 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 4 
 5 <html xmlns="http://www.w3.org/1999/xhtml" >
 6 <head runat="server">
 7     <title>无标题页</title>
 8 </head>
 9 <body>
10     <form id="form1" runat="server">
11     <div>
12         <asp:Button ID="Button1" runat="server" Text="Button" onclick="Button1_Click" />
13     </div>
14     </form>
15 </body>
16 </html>
View Code

 

Login.aspx.cs

 1 using System;
 2 using System.Collections;
 3 using System.Configuration;
 4 using System.Data;
 5 using System.Linq;
 6 using System.Web;
 7 using System.Web.Security;
 8 using System.Web.UI;
 9 using System.Web.UI.HtmlControls;
10 using System.Web.UI.WebControls;
11 using System.Web.UI.WebControls.WebParts;
12 using System.Xml.Linq;
13 
14 namespace WebApplication1
15 {
16     public partial class Login : System.Web.UI.Page
17     {
18         protected void Page_Load(object sender, EventArgs e)
19         {
20           
21         }
22 
23         protected void Button1_Click(object sender, EventArgs e)
24         {
25             //点击登陆按钮
26             //这里假设已经通过了数据库的对比,确实存在该用户
27             string userId = "Test\\lewis";
28             string pa = "123456";
29             string roles = "Administrator";  //从其他地方取得用户角色数据
30 
31             if (Membership.ValidateUser(userId, pa))
32             {
33                 FormsAuthenticationTicket Ticket = new FormsAuthenticationTicket(1, userId, DateTime.Now, DateTime.Now.AddMinutes(1), true, roles); //建立身份验证票对象 
34                 string HashTicket = FormsAuthentication.Encrypt(Ticket); //加密序列化验证票为字符串 
35                 HttpCookie UserCookie = new HttpCookie(FormsAuthentication.FormsCookieName, HashTicket); //生成Cookie 
36                 Context.Response.Cookies.Add(UserCookie); //票据写入Cookie 
37                 Response.Redirect("Info.aspx");
38             }
39             else
40             {
41                 Response.Write("无效用户名或密码!");
42             }
43             //为用户名创建一个身份验证票据,并将其添加到响应的Cookie中 
44             //以后用户验证都通过这个cookie来维持
45             //SetAuthCookie的第一个参数为已验证的用户的名称,一般就是用户id
46             //SetAuthCookie的第二个参数为true时代表创建持久Cookie(跨浏览器会话保存的 Cookie)
47             //为false则关闭浏览器后要重新验证身份 
48             //FormsAuthentication.RedirectFromLoginPage(userId, false);
49         }
50     }
51 }
View Code


Info.aspx

 1 <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Info.aspx.cs" Inherits="WebApplication1.Info" %>
 2 
 3 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 4 
 5 <html xmlns="http://www.w3.org/1999/xhtml" >
 6 <head runat="server">
 7     <title>无标题页</title>
 8 </head>
 9 <body>
10     <form id="form1" runat="server">
11     <div>
12     
13     </div>
14     </form>
15 </body>
16 </html>
View Code

 

info.aspx.cs

 1 using System;
 2 using System.Collections;
 3 using System.Configuration;
 4 using System.Data;
 5 using System.Linq;
 6 using System.Web;
 7 using System.Web.Security;
 8 using System.Web.UI;
 9 using System.Web.UI.HtmlControls;
10 using System.Web.UI.WebControls;
11 using System.Web.UI.WebControls.WebParts;
12 using System.Xml.Linq;
13 
14 namespace WebApplication1
15 {
16     public partial class Info : System.Web.UI.Page
17     {
18         protected void Page_Load(object sender, EventArgs e)
19         {
20             Response.Write(User.Identity.IsAuthenticated +"  "+ User.Identity.Name);
21         }
22     }
23 }
View Code

 

Default.aspx

 1 <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="WebApplication1._Default" %>
 2 
 3 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 4 
 5 <html xmlns="http://www.w3.org/1999/xhtml" >
 6 <head runat="server">
 7     <title>无标题页</title>
 8 </head>
 9 <body>
10     <form id="form1" runat="server">
11     <div>
12          <asp:Button Text="注销用户" ID="btnLogout" runat="server" 
13              onclick="btnLogout_Click"/>
14     </div>
15     </form>
16 </body>
17 </html>
View Code

 

Default.aspx.cs

 1 using System;
 2 using System.Collections;
 3 using System.Configuration;
 4 using System.Data;
 5 using System.Linq;
 6 using System.Web;
 7 using System.Web.Security;
 8 using System.Web.UI;
 9 using System.Web.UI.HtmlControls;
10 using System.Web.UI.WebControls;
11 using System.Web.UI.WebControls.WebParts;
12 using System.Xml.Linq;
13 
14 namespace WebApplication1
15 {
16     public partial class _Default : System.Web.UI.Page
17     {
18         protected void Page_Load(object sender, EventArgs e)
19         {
20 
21         }
22 
23         protected void btnLogout_Click(object sender, EventArgs e)
24         {
25             FormsAuthentication.SignOut();
26         }
27     }
28 }
View Code

 

web.config

 1 <?xml version="1.0"?>
 2 <configuration>
 3   <appSettings/>
 4     <connectionStrings>
 5         <add name="ADConnectionString" connectionString="LDAP://192.168.210.123/CN=Users,DC=Test,DC=com"/>
 6     </connectionStrings>
 7 
 8     <system.web>
 9     <compilation debug="true" targetFramework="4.0"/>
10 
11         <authentication mode="Forms">    
12             <forms loginUrl="Login.aspx"
13                    protection="All"
14                    timeout="30"
15                    name="AppNameCookie"
16                    path="/FormsAuth"
17                    requireSSL="false"
18                    slidingExpiration="true"
19                    defaultUrl="Default.aspx"
20                    cookieless="UseCookies"
21                    enableCrossAppRedirects="false"/>
22         </authentication>
23         
24         <authorization>
25             <deny users="?" />
26             <allow users="*" />
27         </authorization>
28         
29         <membership defaultProvider="MembershipADProvider">
30             <providers>
31                 <add
32                   name="MembershipADProvider"
33                   type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, 
34             Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
35                             connectionStringName="ADConnectionString"
36                             connectionUsername="Test\lewis" 
37                 connectionPassword="123456"/>
38             </providers>
39         </membership>
40 
41 
42         <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
43   </system.web>
44     
45   <!-- 用户角色授权 -->
46   <location path="Info.aspx">
47     <system.web>
48       <authorization>
49         <allow roles="Administrator"/>
50         <deny users="*"/>
51       </authorization>
52     </system.web>
53   </location>
54 </configuration>
View Code

 

Global.asax

         protected void Application_AuthenticateRequest(object sender, EventArgs e)
        {
            HttpApplication app = (HttpApplication)sender;
            HttpContext context = app.Context; //获取本次Http请求的HttpContext对象
            if (context.Request.IsAuthenticated) //验证过的一般用户才能进行角色验证
            {
                FormsIdentity Id = (FormsIdentity)context.User.Identity; //当前用户标识
                FormsAuthenticationTicket Ticket = Id.Ticket; //取得身份证票
                string[] Roles = Ticket.UserData.Split(','); //将角色数据转成字符串数组,得到相关的角色信息
                context.User = new System.Security.Principal.GenericPrincipal(Id, Roles); //重新生成带有角色信息的用户
            }
        }


请大家看看是不是我哪里没有配置好,Membership.ValidateUser()总是返回false,无法验证AD用户的是否存在?

问题补充:

怎么没人回复,分给的太少?

寒冷的冬天的主页 寒冷的冬天 | 初学一级 | 园豆:102
提问于:2013-11-04 17:10
< >
分享
所有回答(2)
0

首先要authentication mode="windows"

三岔路 | 园豆:219 (菜鸟二级) | 2013-11-05 14:16

用authentication mode="windows",把具体的配置给说说,特别是web.config

支持(0) 反对(0) 寒冷的冬天 | 园豆:102 (初学一级) | 2013-11-05 16:31
1

你程序设置中用的是form authentication 应该用 windows authentication。 

<system.web>

  <authentication mode="Windows" />
    <identity impersonate="true" />

</system.web>

gunsmoke | 园豆:3592 (老鸟四级) | 2013-11-06 09:55
清除回答草稿
   您需要登录以后才能回答,未注册用户请先注册