表单身份验证添加附加信息以及 ReturnUrl
使用表单身份验证,当应用程序需要重定向到登录页面时,是否有一个事件或任何可扩展点可以让我在重定向到登录页面之前对请求执行额外的工作?
我想在查询字符串中发送附加信息,这些信息可能会有所不同,因此无法将其静态嵌入到 web.config 中的 loginUrl 节点的链接中。
编辑:为了澄清起见,我想在重定向到登录页面之前拦截请求。
示例:
<authentication mode="Forms">
<forms loginUrl="http://the/interwebs/login.aspx" timeout="2880"
enableCrossAppRedirects="true" />
</authentication>
在用户被重定向到 http://the/interwebs/login.aspx 之前 我希望能够打包查询值,以便 url 最终可能类似于 http://the/interwebs/login.aspx?Action=Refresh
With Forms Authentication when the app needs to redirect to sign-in page is there an event or any extensibility point that will let me do additional work to the request before it redirects to the sign-in page?
I would like to send additional information in the query string that could vary such that it wouldn't work to just statically embed that in the link in the loginUrl node in the web.config.
Edit: For clarification, I want to intercept the request prior to being redirected TO the login page.
Example:
<authentication mode="Forms">
<forms loginUrl="http://the/interwebs/login.aspx" timeout="2880"
enableCrossAppRedirects="true" />
</authentication>
And prior the user being redirected to http://the/interwebs/login.aspx I would like to be able to pack in query values so the url could end up something like http://the/interwebs/login.aspx?Action=Refresh
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您可以通过处理事件 HttpApplication.AuthenticateRequest
仅供参考,我们目前通过 IHttpModule 实现来完成此操作。
You can do this via handling the event HttpApplication.AuthenticateRequest
FYI, We currently do this via an IHttpModule implementation.
我以前用 http 模块做过这个。我的例子(精简),在 vb.net 中。我只是检查 401 状态代码并执行我自己的重定向。这里最大的技巧是我必须删除并添加回 web.config httpModules 以确保我的 httpmodule 从 url 授权模块中介入。就我而言,我进行了一些用于本地化的 url 重写,并且我需要将区域设置 ID 发送到登录页面,因为它在 url 授权模块中的正常重定向中丢失了。我大量使用 Reflector 来构建基本路径(未显示),因为这些是私有方法。
web.config 更改
I've done this before with an http module. My example (stripped down), in vb.net. I'm just checking for a 401 status code and doing my own redirect. The big trick here was that I had to remove and add back the web.config httpModules to make sure my httpmodule stepped in from of the url authorization module. In my case I had some url rewriting for localization, and I needed to send the locale ID to the login page as it was lost by the normal redirect in the url authorization module. I made heavy use of Reflector to build up the base path (not shown), as these are private methods.
web.config changes
您不必使用表单身份验证机制将人们重定向到 URL。您可以在代码中做到这一点。只需登录并使用 Response.Redirect 自行重定向它们。
You don't have to use the Forms authentication's mechanism to redirect people to a URL. You can do that in code. Just sign them in and Redirect them yourself using
Response.Redirect
.