当前位置: 文江博客话题详情

表单身份验证添加附加信息以及 ReturnUrl

发布于 2024-09-27 01:16:58 字数 731 浏览 0 评论 0原文

使用表单身份验证,当应用程序需要重定向到登录页面时,是否有一个事件或任何可扩展点可以让我在重定向到登录页面之前对请求执行额外的工作?

我想在查询字符串中发送附加信息,这些信息可能会有所不同,因此无法将其静态嵌入到 web.config 中的 loginUrl 节点的链接中。

编辑:为了澄清起见,我想在重定向到登录页面之前拦截请求。

示例:

<authentication mode="Forms">
      <forms loginUrl="http://the/interwebs/login.aspx" timeout="2880" 
                enableCrossAppRedirects="true" />
</authentication>

在用户被重定向到 http://the/interwebs/login.aspx 之前 我希望能够打包查询值,以便 url 最终可能类似于 http://the/interwebs/login.aspx?Action=Refresh

原文

With Forms Authentication when the app needs to redirect to sign-in page is there an event or any extensibility point that will let me do additional work to the request before it redirects to the sign-in page?

I would like to send additional information in the query string that could vary such that it wouldn't work to just statically embed that in the link in the loginUrl node in the web.config.

Edit: For clarification, I want to intercept the request prior to being redirected TO the login page.

Example:

<authentication mode="Forms">
      <forms loginUrl="http://the/interwebs/login.aspx" timeout="2880" 
                enableCrossAppRedirects="true" />
</authentication>

And prior the user being redirected to http://the/interwebs/login.aspx I would like to be able to pack in query values so the url could end up something like http://the/interwebs/login.aspx?Action=Refresh

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

无戏配角 2024-10-04 01:16:58

您可以通过处理事件 HttpApplication.AuthenticateRequest

    private void Application_AuthenticateRequest(Object source, EventArgs e)
    {

        HttpApplication application = (HttpApplication)source;
        HttpContext context = application.Context;

        string cookieName = FormsAuthentication.FormsCookieName;
        HttpCookie authCookie = context.Request.Cookies[cookieName];

        if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
        {
            //... do something
        }

仅供参考,我们目前通过 IHttpModule 实现来完成此操作。

You can do this via handling the event HttpApplication.AuthenticateRequest

    private void Application_AuthenticateRequest(Object source, EventArgs e)
    {

        HttpApplication application = (HttpApplication)source;
        HttpContext context = application.Context;

        string cookieName = FormsAuthentication.FormsCookieName;
        HttpCookie authCookie = context.Request.Cookies[cookieName];

        if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
        {
            //... do something
        }

FYI, We currently do this via an IHttpModule implementation.

回复 原文
ゝ偶尔ゞ 2024-10-04 01:16:58

我以前用 http 模块做过这个。我的例子(精简),在 vb.net 中。我只是检查 401 状态代码并执行我自己的重定向。这里最大的技巧是我必须删除并添加回 web.config httpModules 以确保我的 httpmodule 从 url 授权模块中介入。就我而言,我进行了一些用于本地化的 url 重写,并且我需要将区域设置 ID 发送到登录页面,因为它在 url 授权模块中的正常重定向中丢失了。我大量使用 Reflector 来构建基本路径(未显示),因为这些是私有方法。

    Public Sub Init(ByVal context As System.Web.HttpApplication) Implements System.Web.IHttpModule.Init
        AddHandler context.EndRequest, AddressOf Context_EndRequest
    End Sub

    Private Sub Context_EndRequest(ByVal sender As Object, ByVal e As EventArgs)

        If TypeOf sender Is HttpApplication Then

            Dim hApplication As HttpApplication = DirectCast(sender, HttpApplication)
            Dim hContext As HttpContext = hApplication.Context

            If (hContext.Response.StatusCode = &H191) Then

                hContext.Response.Redirect(String.Format("{0}?ReturnUrl={1}&someparam2={2}", basepath, HttpUtility.UrlEncode(hContext.Request.RawUrl), someparam2))

            End If

        End If

    End Sub

web.config 更改

  <httpModules>
      <clear/>
      <!-- custom -->
      <add name="SomeHttpModule" type="SomeCompany.SomeProduct.SomeHttpModule"/>
      <!-- add back defaults, exlude PassportAuthentication, AnonymousIdentification, Profile -->
      <add name="OutputCache" type="System.Web.Caching.OutputCacheModule"/>
      <add name="Session" type="System.Web.SessionState.SessionStateModule"/>
      <add name="WindowsAuthentication" type="System.Web.Security.WindowsAuthenticationModule"/>
      <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule"/>
      <add name="RoleManager" type="System.Web.Security.RoleManagerModule"/>
      <add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule"/>
      <add name="FileAuthorization" type="System.Web.Security.FileAuthorizationModule"/>
  </httpModules>

I've done this before with an http module. My example (stripped down), in vb.net. I'm just checking for a 401 status code and doing my own redirect. The big trick here was that I had to remove and add back the web.config httpModules to make sure my httpmodule stepped in from of the url authorization module. In my case I had some url rewriting for localization, and I needed to send the locale ID to the login page as it was lost by the normal redirect in the url authorization module. I made heavy use of Reflector to build up the base path (not shown), as these are private methods.

    Public Sub Init(ByVal context As System.Web.HttpApplication) Implements System.Web.IHttpModule.Init
        AddHandler context.EndRequest, AddressOf Context_EndRequest
    End Sub

    Private Sub Context_EndRequest(ByVal sender As Object, ByVal e As EventArgs)

        If TypeOf sender Is HttpApplication Then

            Dim hApplication As HttpApplication = DirectCast(sender, HttpApplication)
            Dim hContext As HttpContext = hApplication.Context

            If (hContext.Response.StatusCode = &H191) Then

                hContext.Response.Redirect(String.Format("{0}?ReturnUrl={1}&someparam2={2}", basepath, HttpUtility.UrlEncode(hContext.Request.RawUrl), someparam2))

            End If

        End If

    End Sub

web.config changes

  <httpModules>
      <clear/>
      <!-- custom -->
      <add name="SomeHttpModule" type="SomeCompany.SomeProduct.SomeHttpModule"/>
      <!-- add back defaults, exlude PassportAuthentication, AnonymousIdentification, Profile -->
      <add name="OutputCache" type="System.Web.Caching.OutputCacheModule"/>
      <add name="Session" type="System.Web.SessionState.SessionStateModule"/>
      <add name="WindowsAuthentication" type="System.Web.Security.WindowsAuthenticationModule"/>
      <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule"/>
      <add name="RoleManager" type="System.Web.Security.RoleManagerModule"/>
      <add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule"/>
      <add name="FileAuthorization" type="System.Web.Security.FileAuthorizationModule"/>
  </httpModules>
回复 原文
葮薆情 2024-10-04 01:16:58

您不必使用表单身份验证机制将人们重定向到 URL。您可以在代码中做到这一点。只需登录并使用 Response.Redirect 自行重定向它们。

You don't have to use the Forms authentication's mechanism to redirect people to a URL. You can do that in code. Just sign them in and Redirect them yourself using Response.Redirect.

回复 原文
~没有更多了~

关于作者

星軌x

暂无简介

0 文章
0 评论
21 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

不再见

文章 0 评论 0

真是无聊啊

文章 0 评论 0

樱娆

文章 0 评论 0

浅语花开

文章 0 评论 0

烛光

文章 0 评论 0

绻影浮沉

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文