ASP.NET登录控件自定义身份验证失败

发布于 2024-10-03 13:32:27 字数 428 浏览 1 评论 0原文

我的代码后面的

protected void LogonForm_Authenticate(object sender, AuthenticateEventArgs e)
{
    bool auth = false;

    if (FormsAuthentication.Authenticate(LogonForm.UserName, LogonForm.Password))
    {
        auth = true;
    }

    e.Authenticated = auth;

}

结果是 false。当我不指定 OnAuthenticate 事件时，用户将被验证，它会按预期工作。什么给？

我只想调用默认的 OnAuthenticate 代码，然后在其末尾添加额外的检查。我在这两种情况下都使用 LDAP 进行身份验证。

原文

My code behind

protected void LogonForm_Authenticate(object sender, AuthenticateEventArgs e)
{
    bool auth = false;

    if (FormsAuthentication.Authenticate(LogonForm.UserName, LogonForm.Password))
    {
        auth = true;
    }

    e.Authenticated = auth;

}

It results in false. When I don't specify an OnAuthenticate event the user is validated it works as expected. What gives?

I simply want to invoke the default OnAuthenticate code and then add an additional check on the end of it. I am using LDAP to authenticate in both scenarios.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

高跟鞋的旋律 2024-10-10 13:32:27

正如 MSDN 文档中提到的， FormsAuthentication如果您将凭据存储在 Web.config 文件中，则应使用 .Authenticate 方法，如下所示：

<authentication mode="Forms">
    <forms loginUrl="login.aspx">
        <credentials passwordFormat="Clear">
            <user name="user1" password="password1" />
            <user name="user2" password="password2" />
        </credentials>
 </forms>
</authentication>

但是，如果您要根据继承自 MembershipProvider 抽象类（如 SqlMembershipProvider、ActiveDirectoryMembershipProvider 或其他）的成员身份提供程序验证凭据自定义提供程序，您应该使用 Membership.ValidateUser 方法代替。

我认为替换

if (FormsAuthentication.Authenticate(LogonForm.UserName, LogonForm.Password))

为

if (Membership.ValidateUser(LoginUser.UserName, LoginUser.Password))

可以解决你的问题。

As is mentioned in the documentation on MSDN, the FormsAuthentication.Authenticate method should be used in case you have the credentials stored in the Web.config file like this:

<authentication mode="Forms">
    <forms loginUrl="login.aspx">
        <credentials passwordFormat="Clear">
            <user name="user1" password="password1" />
            <user name="user2" password="password2" />
        </credentials>
 </forms>
</authentication>

But if you are validating the credentials against a membership provider that inherits from the MembershipProvider abstract class like SqlMembershipProvider, ActiveDirectoryMembershipProvider or other custom providers you should use the Membership.ValidateUser method instead.

I think that replacing

if (FormsAuthentication.Authenticate(LogonForm.UserName, LogonForm.Password))

with

if (Membership.ValidateUser(LoginUser.UserName, LoginUser.Password))

will solve your problem.

回复收藏 0 原文

傾旎 2024-10-10 13:32:27

你能提供更多的代码吗？仅验证 AUTHENTICATE 的用户，它不设置 cookie 等。使用此方法来确定用户名\密码是否有效（也称为返回 True），

尝试使用此方法来设置 cookie：

Dim boolVal as Boolean = FormsAuthentication.Authenticate(LogonForm.UserName, LogonForm.Password)
If boolVal Then
   FormsAuthentication.SetAuthCookie(LogonForm.UserName,False)
End If

Can you provide more code? Authenticate only AUTHENTICATE's a user, it doesnt set a cookie, etc. Use this method to determine if a username\password is valid (aka if it returns True)

Try this instead to set the cookie:

Dim boolVal as Boolean = FormsAuthentication.Authenticate(LogonForm.UserName, LogonForm.Password)
If boolVal Then
   FormsAuthentication.SetAuthCookie(LogonForm.UserName,False)
End If

回复收藏 0 原文

~没有更多了~