ASP.NET 会员会话 cookie

发布于 2024-09-09 07:08:52 字数 397 浏览 5 评论 0原文

我犹豫是否要在新的 Web 应用程序中做出有关身份验证和授权的决定。

Asp.net 2.0中内置的Membership、Roles和Profile看起来让人印象深刻,但背后的东西太多了,很难一探究竟。

我决定使用我自己的数据库结构,所以我必须重写我自己的提供程序,但仍然有一些东西我无法弄清楚,例如会话和cookie。它加密的内容、时间和方式以及检索用户信息后从数据库来看,似乎使用了cookie,但是会话怎么样?我使用了 MSDN、.Net Reflactor 和 Goole,但没有得到答案。我的意思是我知道配置和结果,但不知道如何。

如果我不知道登录控件和会员组件背后的事情是如何处理的,我想我就无法做好后期的改进和维护工作。

所以请帮帮我,我该怎么办?我想知道屏幕后面的事情是如何运作的。任何建议都期待!

I hesitate to make a decision about the authentication and authorization in a new web application.

The Membership, Roles and Profile built in Asp.net 2.0 seems impressive, but there are too many things behind them, which is uneasy to find out.

I've decide use my own DB structure so I have to rewrite my own provider, but there is still some thing I can't figure out, such as session and cookie.What, when and how does it encrypt and after retrieving user info from DB, seems cookie is uesed but how about session? I make use of MSDN, .Net Reflactor and Goole but get no answer. I mean I know the configuration and result but not sure how.

I don't think I can do a good job in the later improvement and maintenance if I don't know how the things process behind the Login controls and membership components.

So help me please, what should I do? I want to know how things run behind the screen. Any suggestion is looking forward!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

山有枢 2024-09-16 07:08:52

您可以 在此处下载提供程序的源代码。从中学习尽可能多的知识,并了解 Microsoft 是如何实现它的。您甚至可能想回收 FormsAuthenticationTicket 上的一些部分。

微软还使用加盐哈希来存储密码以提高安全性。当您创建自己的提供程序时,您可能也会对此感兴趣。

You can download the source code for the providers here. Learn as much as you want from it and see how Microsoft implemented it. You might even want to recycle some pieces on the FormsAuthenticationTicket.

Microsoft's also using salted hashing to store the passwords for increased security. That might also be of interest to you when you make your own providers.

墟烟 2024-09-16 07:08:52

您应该使用 .NET Reflector 来了解 .NET 代码的工作原理。实际上,您还可以在更高版本的 Visual Studio 中单步执行源代码。

You should use .NET Reflector to find out how the .NET code works. You can also actually single-step into the sources in later versions of Visual Studio.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文