We have a ghost in our ASP.Net membership controls
We have a website set up that uses 2 different databases. The way it is set up now is that when you go to www.website.com and log in, once authenticated you will have a cookie that is set to website1ConnectionString. Every time that we call a datacontext with linq, we send in functionality to check the cookie name and grab the corresponding connection string. Example: PortalDataContext db = new PortalDataContext(AuthenticatedUser.ConnectionString);
If a user goes to www.website.com/2ndlogin, the user is authenticated and a cookie is set with the website2ConnectionString cookie. We are running into an issue right now that randomly the user's name and GUID will change to another user's, thus showing the wrong information.
We have noticed this by writing out the username that is associated with the logged-in user and navigating the site. After some inactivity, randomly the username that is displayed on the top of each page changes to another user, along with the GUID. Sometimes it changes back and sometimes we are forced to log out and log back in.
We have had it happen recently that a user on database1 has had their username and GUID change to a user on Database2.
We are using an AuthenticatedUser class that looks like the following:
    public static MembershipUser GetUser()
    {
        string connection = AuthenticatedUser.ConnectionString;
        string provider = "";
        if (connection.Contains("website2"))
        {
            provider = "website2MembershipProvider";
        }
        else
        {
            provider = "AspNetSqlMembershipProvider";
        }
        MembershipProvider prov = Membership.Providers[provider];
        MembershipUser m = prov.GetUser(UserName, true);
        return m;
    }

    public static MembershipProvider GetMembershipProvider()
    {
        string connection = AuthenticatedUser.ConnectionString;
        string provider = "";
        if (connection.Contains("website2"))
        {
            provider = "website2MembershipProvider";
        }
        else
        {
            provider = "AspNetSqlMembershipProvider";
        }
        MembershipProvider prov = Membership.Providers[provider];
        return prov;
    }

    public static Guid LoginUserID
    {
        get
        {
            Guid g = new Guid();
            string connection = AuthenticatedUser.ConnectionString;
            string provider = "";
            if (connection.Contains("website2"))
            {
                provider = "website2MembershipProvider";
            }
            else
            {
                provider = "AspNetSqlMembershipProvider";
            }
            MembershipProvider prov = Membership.Providers[provider];
            MembershipUser m = prov.GetUser(UserName, true);
            if (m != null)
            {
                g = (Guid)m.ProviderUserKey;
            }
            return g;
        }
    }

    private static string _UserName = "";

    public static string UserName
    {
        get
        {
            if (String.IsNullOrEmpty(_UserName))
            {
                if (Membership.GetUser() != null)
                {
                    return Membership.GetUser().UserName;
                }
            }
            else
            {
                return _UserName;
            }
            return "";
        }
        set
        {
            _UserName = value;
        }
    }

    public static string ConnectionString
    {
        get
        {
            HttpCookie myCookie = HttpContext.Current.Request.Cookies["connectionString"];
            return GetConnectionStringFromName(myCookie);
        }
        set
        {
            if (HttpContext.Current.Request.Cookies["connectionString"] != null)
            {
                ExpireCookies(HttpContext.Current);
            }
            var allCookies = HttpContext.Current.Request.Cookies.AllKeys;
            HttpCookie cookie = new HttpCookie("connectionString");
            cookie.Value = value;
            cookie.Expires = DateTime.Now.AddYears(100);
            HttpContext.Current.Response.Cookies.Add(cookie);
        }
    }
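The class above keeps _UserName in a static field, and a static field exists once per application rather than once per request or per user, so a value written while serving one user is read back while serving every other user. The following console sketch is an added example, not part of the original question or its comment, and contrasts that with state kept on the request. RequestContext, SharedUser and PerRequestUser are hypothetical stand-ins (RequestContext plays the role of HttpContext.Current), and it assumes the UserName setter is called somewhere, such as at login.

```csharp
using System;
using System.Collections.Generic;

// Constructed stand-in for the state of one HTTP request
// (the role HttpContext.Current plays in ASP.NET).
sealed class RequestContext
{
    public string AuthenticatedName;   // name taken from the auth ticket
    public Dictionary<string, object> Items = new Dictionary<string, object>();
}

// Same shape as the page's UserName property: a static backing field.
static class SharedUser
{
    private static string _userName = "";   // one copy for the whole application
    public static string Get(RequestContext ctx) =>
        string.IsNullOrEmpty(_userName) ? ctx.AuthenticatedName : _userName;
    public static void Set(string value) => _userName = value;
}

// Hypothetical replacement: the value lives on the request, not the type.
static class PerRequestUser
{
    public static string Get(RequestContext ctx) =>
        ctx.Items.TryGetValue("UserName", out var v) ? (string)v : ctx.AuthenticatedName;
    public static void Set(RequestContext ctx, string value) =>
        ctx.Items["UserName"] = value;
}

static class Demo
{
    static void Main()
    {
        var alice = new RequestContext { AuthenticatedName = "alice" };
        var bob = new RequestContext { AuthenticatedName = "bob" };

        // Interleaving: alice logs in, bob logs in, then alice's page renders.
        SharedUser.Set("alice");
        SharedUser.Set("bob");
        Console.WriteLine("static field: alice sees " + SharedUser.Get(alice));

        PerRequestUser.Set(alice, "alice");
        PerRequestUser.Set(bob, "bob");
        Console.WriteLine("per request:  alice sees " + PerRequestUser.Get(alice));
    }
}
```

The static version also ignores the authenticated name of the current request as soon as any value has been set, which is why the wrong name can persist until the field is overwritten again.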
Comments (1)
Your UserName property does not use the selected provider, it always uses the default provider. How are you using UserName? Also, when do you set m.ProviderUserKey to the GUID?
btw, you can refactor out some of the duplicate code: