从 FormsAuthentication.Authenticate 中删除用户名/密码的区分大小写
下面的代码和配置工作正常,但强制输入用户名/密码区分大小写,我想使其不区分大小写。
代码:
protected void LoginButton_Click(object sender, EventArgs e)
{
try
{
string uid = UserText.Text.Trim();
string pwd= PwdText.Text.Trim();
if (string.IsNullOrEmpty(uid) ||
string.IsNullOrEmpty(pwd))
{
throw new ApplicationException("UserName or Password should not be blank.");
}
bool isAuthrnticated = FormsAuthentication.Authenticate(uid, pwd);
if (isAuthrnticated)
{
FormsAuthentication.SetAuthCookie("Admin", false);
//...
}
else
{
((Site)this.Master).ShowError("Invalid UserName/Password.", ErrorSeverity.Warning);
}
}
catch (Exception ex)
{
ErrorLogger.LogError(ex);
((Site)this.Master).ShowError(ex.Message, ErrorSeverity.Warning);
}
}
Web.Config
<authentication mode="Forms">
<forms defaultUrl="~/Default.aspx" loginUrl="~/Default.aspx" slidingExpiration="true" timeout="1000">
<credentials passwordFormat="Clear">
<user name="Admin" password="ZAdmin"/>
</credentials>
</forms>
</authentication>
The below code and the config works fine, but force to enter user name/password case sensitively, i want to make it non case sensitive.
Code:
protected void LoginButton_Click(object sender, EventArgs e)
{
try
{
string uid = UserText.Text.Trim();
string pwd= PwdText.Text.Trim();
if (string.IsNullOrEmpty(uid) ||
string.IsNullOrEmpty(pwd))
{
throw new ApplicationException("UserName or Password should not be blank.");
}
bool isAuthrnticated = FormsAuthentication.Authenticate(uid, pwd);
if (isAuthrnticated)
{
FormsAuthentication.SetAuthCookie("Admin", false);
//...
}
else
{
((Site)this.Master).ShowError("Invalid UserName/Password.", ErrorSeverity.Warning);
}
}
catch (Exception ex)
{
ErrorLogger.LogError(ex);
((Site)this.Master).ShowError(ex.Message, ErrorSeverity.Warning);
}
}
Web.Config
<authentication mode="Forms">
<forms defaultUrl="~/Default.aspx" loginUrl="~/Default.aspx" slidingExpiration="true" timeout="1000">
<credentials passwordFormat="Clear">
<user name="Admin" password="ZAdmin"/>
</credentials>
</forms>
</authentication>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
默认情况下,用户名不区分大小写,而密码区分大小写。最简单的方法是当他们注册时,将 un 和 pw 更改为 ToUpper() 或 ToLower(),然后当您进行身份验证时,对他们输入的任何内容执行相同的操作。
By default, usernames are not case sensetive and passwords are. The easiest way to do this is when they register, change both un and pw to either ToUpper() or ToLower() and then when you are authenticating, do the same to whatever they enter.
当您存储用户名和密码时,不要按原样存储它们,而是首先对它们调用 ToUpper() 。然后对传入 FormsAuthentication.Authenticate() 的字符串执行相同的操作。这样,在比较之前,两者都将被转换为全大写版本,从而使大小写无关。
When you store the username and password, instead of storing them as-is, call ToUpper() on them first. Then do the same thing to the strings you pass in to FormsAuthentication.Authenticate(). That way, both will have been converted to all-uppercase versions before comparing, rendering case irrelevant.
设置数据库的排序规则,这样您就不需要跟踪区分大小写
http://web.archive.org/web/20080811231016/http://sqlserver2000.databases.aspfaq.com:80/how-can-i-make-my-sql-查询大小写敏感.html
Set collations of your database so you do not need to keep track of case sensitivity
http://web.archive.org/web/20080811231016/http://sqlserver2000.databases.aspfaq.com:80/how-can-i-make-my-sql-queries-case-sensitive.html