当前位置：文江博客话题详情

ASP.NET 成员资格 - 当您在同一 Web 应用程序中调用 Web 服务时，经过身份验证的用户是否会丢失

发布于 2024-07-22 05:47:11 字数 2155 浏览 1 评论 0 原文

我正在使用 ASP.NET 登录控件进行身份验证。

我有一些用户，他们能够成功登录。经过身份验证后，我重定向到页面 helloworld.aspx。在 Page_Load 方法中，我首先调用 Membership.GetUser()。这将正确返回经过身份验证的用户。然后，我调用驻留在同一 Web 应用程序中的简单 WCF Web 服务。我的 WebService 调用的第一行是相同的 Membership.GetUser()。但这一次它返回 NULL。

有什么想法吗？

谢谢， Justin

这里是一些代码片段

JustinPage.aspx

public partial class JustinPage : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        MembershipUser user = Membership.GetUser();
        // user is a valid user

        JustinService.JustinTestServiceClient justin = new CMS.WEB.JustinService.JustinTestServiceClient();
        justin.DoWork();
    }
}

JustinTestService.svc.cs

[ServiceContract(Namespace = "")]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
public class JustinTestService
{
    [OperationContract]
    public void DoWork()
    {
        MembershipUser user = Membership.GetUser();
        // user is NULL ???  Why?
        return;
    }
}

正如前面提到的，服务源代码位于与 Justin.aspx 相同的 Web 应用程序中，正如您可以通过端点看到的那样（注意我的应用程序固定在端口 19003 上）...

端点地址=“http://localhost:19003/Services/JustinTestService.svc” 绑定=“basicHttpBinding”绑定配置=“BasicHttpBinding_JustinTestService” Contract="JustinService.JustinTestService" name="BasicHttpBinding_JustinTestService" /

绑定看起来像这样...

<安全模式=“无”>

也许它与有关。 ???

原文

I am using the ASP.NET Login Control for authentication.

I have some users and they are able to login successfully. When authenticated I redirect to a page helloworld.aspx. In the Page_Load method I first make a call to Membership.GetUser(). This returns the authenticated user properly. I then make a call to a simple WCF web service that resides in the same WebApplication. The first line of my WebService call's the same Membership.GetUser(). This time though it returns NULL.

Any thoughts?

Thanks,
Justin

Here is some code snippets

JustinPage.aspx

public partial class JustinPage : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        MembershipUser user = Membership.GetUser();
        // user is a valid user

        JustinService.JustinTestServiceClient justin = new CMS.WEB.JustinService.JustinTestServiceClient();
        justin.DoWork();
    }
}

JustinTestService.svc.cs

[ServiceContract(Namespace = "")]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
public class JustinTestService
{
    [OperationContract]
    public void DoWork()
    {
        MembershipUser user = Membership.GetUser();
        // user is NULL ???  Why?
        return;
    }
}

As mentioned earlier the Service source code is in the Same WebApplication as Justin.aspx as you can see by the endpoint (note my app is fixed on port 19003)...

endpoint address="http://localhost:19003/Services/JustinTestService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_JustinTestService"
contract="JustinService.JustinTestService" name="BasicHttpBinding_JustinTestService" /

Also the binding looks like this...

</security>
</binding>

Maybe it has something to do with the <security mode="None"> ???

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

虐人心 2024-07-29 05:47:11

问题在于 Web 服务调用并非源自用户进行身份验证的浏览器。相反，您从应用程序发起 Web 服务调用（您的 Web 服务器正在向您的 Web 服务器创建 HTTP 请求！）。

回复收藏 0 原文

嘿看小鸭子会跑 2024-07-29 05:47:11

获取 fiddler 并查看身份验证 cookie 是否正在通过网络发送。

如果不是，您可能需要将其捆绑在您对服务的请求中。

像这样的东西

Service1Client ws = new Service1Client(); // Name of webclient proxy
            using (OperationContextScope scope = new OperationContextScope(ws.InnerChannel))
            {
                HttpRequestMessageProperty httpRequest = new HttpRequestMessageProperty();
                OperationContext.Current.OutgoingMessageProperties.Add(HttpRequestMessageProperty.Name, httpRequest);

                HttpCookieCollection cc = Page.Request.Cookies;
                if (Request.Cookies[".ASPXAUTH"] != null)
                {
                    HttpCookie aCookie = Request.Cookies[".ASPXAUTH"];
                    String authcookieValue = Server.HtmlEncode(aCookie.Value);
                    httpRequest.Headers.Add("Cookie: " + ".ASPXAUTH=" + authcookieValue);
                }

                // Make call to webservice here
                ws.MyWCFCall();

                HttpResponseMessageProperty response = (HttpResponseMessageProperty)OperationContext.Current.IncomingMessageProperties[HttpResponseMessageProperty.Name];
            }

Get fiddler and see if the the authentication cookie is being sent across the wire.

If it isn't you might need to bundle it up in your request to the service.

Something like this

Service1Client ws = new Service1Client(); // Name of webclient proxy
            using (OperationContextScope scope = new OperationContextScope(ws.InnerChannel))
            {
                HttpRequestMessageProperty httpRequest = new HttpRequestMessageProperty();
                OperationContext.Current.OutgoingMessageProperties.Add(HttpRequestMessageProperty.Name, httpRequest);

                HttpCookieCollection cc = Page.Request.Cookies;
                if (Request.Cookies[".ASPXAUTH"] != null)
                {
                    HttpCookie aCookie = Request.Cookies[".ASPXAUTH"];
                    String authcookieValue = Server.HtmlEncode(aCookie.Value);
                    httpRequest.Headers.Add("Cookie: " + ".ASPXAUTH=" + authcookieValue);
                }

                // Make call to webservice here
                ws.MyWCFCall();

                HttpResponseMessageProperty response = (HttpResponseMessageProperty)OperationContext.Current.IncomingMessageProperties[HttpResponseMessageProperty.Name];
            }

回复收藏 0 原文

~没有更多了~