使用表单身份验证为 ASP.NET 应用程序创建默认用户
我正在创建一个 ASP.NET Web 应用程序,我想使用表单身份验证来保护它的安全。
当应用程序第一次运行时,我希望它创建一个默认管理员帐户,以便所有者能够登录并配置应用程序。
我设法通过从 Application_Start 方法运行以下方法来解决此问题:
private static void InitializeMembership(MembershipProvider provider)
{
int total;
provider.GetAllUsers(0, 1, out total);
if (total == 0)
{
Membership.CreateUser("admin", "admin");
}
}
问题是此操作失败,并出现有关所选密码不够安全的错误。 通常这会很好,因为我确实想强制执行强密码,但在这种特定情况下,我想要一个简单的密码
是否有一种方法可以禁用仅针对此调用的检查,或者我是否错误地处理了整个问题?
I'm creating an ASP.NET web application which I want to secure with Forms Authentication.
When the application is run for the first time, I want it to create a default administrator account so that the owner is able to log in and configure the application.
I managed to get something working for this by running the following method from the Application_Start method:
private static void InitializeMembership(MembershipProvider provider)
{
int total;
provider.GetAllUsers(0, 1, out total);
if (total == 0)
{
Membership.CreateUser("admin", "admin");
}
}
The problem is this fails with an error about the chosen password not being secure enough. Normally this would be fine as I do want to enforce a strong password, but in this specific case I want a simple password
Is there a way of disabling the check for just this call, or am I approaching the whole problem incorrectly?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
默认情况下,我会在数据库中附带管理员用户,并强制在第一次登录时更改密码。
这在两个方面有帮助:
1)你知道默认管理员将永远存在
2)您不必维护仅以非常随机的时间间隔运行的用户创建代码。
或者,您可以使默认密码更复杂。
I would ship the DATABASE with the admin user in there by default, and force that password to get changed on the first login.
This is helpful in two ways:
1) You know that the default admin will always be there
2) you don't have to maintain that user creation code that will only run at very random intervals.
Alternatively, you could make your default password be more complex.