当前位置: 文江博客话题详情

System.Web.Security 的替代方案,使用相同的数据库

发布于 2024-12-09 11:46:40 字数 488 浏览 0 评论 0原文

我正在编写一个 WinForms 应用程序来迁移大量数据。新系统基于 Web 并使用 ASP.NET 会员 API。

我必须使用事务将大量数据库插入和更新包装到单个事务中。这包括更新用户和角色(aspnet_Users、aspnet_Roles 等)。我已成功引用 System.Web.Membership 并在我的应用程序中使用它来在开始迁移之前验证数据,因此这不是问题。

然而,问题是在迁移过程中,当我将所有数据库调用包装在单个事务中时。由于会员代码关闭连接,我收到 DTC 错误,指出未启用分布式事务。我想避免更改客户端计算机上的任何内容,因此我正在寻找一种能够回滚更新用户和角色的方法。

目前,据我所知,我唯一的选择是直接调用存储过程,避免使用 Membership API。如果可能的话,我也想避免这种情况,所以我想知道是否有一种方法可以在事务中使用会员 API,或者是否有一个使用相同数据库表但可以很好地处理事务的替代库。

预先非常感谢任何人的意见!

原文

I am writing a WinForms application to migrate a lot of data. The new system is web-based and uses ASP.NET membership API.

I have to use transactions to wrap a lot of DB inserts and updates into a single transaction. This includes updating Users and Roles (aspnet_Users, aspnet_Roles, etc.) I've successfully referenced System.Web.Membership and used it in my app to verify the data before starting the migration, so that's not a problem.

The problem, however, is during migration, when I wrap all DB calls in a single Transaction. Since Membership code closes the connection, I get a DTC error, saying that distributed transactions aren't enabled. I would like to avoid changing anything on the client machine, so I am looking for a way to update Users and Roles with ability to roll back.

Right now, as far as I can tell, my only choice is to call the stored procedures directly, avoiding using Membership API. I would like to avoid this as well, if possible, so I was wondering if there is a way to either use the Membership API within transactions or if there is an alternative library that uses the same database tables, but plays nicely with the transactions.

Huge thanks in advance to anyone for any input!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

后知后觉 2024-12-16 11:46:40

我最终直接调用存储过程。我遇到的唯一障碍是创建新用户。它需要密码和安全答案加密,因此为此我只是从框架源代码中复制了代码。确切地说,来自System.Web.Security.SqlMembershipProvider.cs

我删除并修剪了部分代码以适合我自己的场景,因为我只使用 SHA1 加密。

我很确定我不是唯一一个遇到这个问题的人,因此对于其他有同样问题的人来说,这里有一段用于插入用户的完整代码。其他存储过程更容易调用。

这里几乎没有错误检查,因此添加您自己的并使用 System.Security.Cryptography

//Call to create a new user and return the ID
public static Guid? CreateUser(MyDataContext DB, string UserName, string Password, string Email, string PasswordQuestion, string PasswordAnswer)
{
    string salt = GenerateSalt();
    string password = EncodePassword(Password, salt);
    string encodedPasswordAnswer = EncodePassword(PasswordAnswer.ToLower(), salt);
    DateTime dt = DateTime.UtcNow;

    Guid? newUserID = null;

    //res would contain the success or fail code from the stored procedure
    //0 = success; 1 = fail;
    int res = DB.aspnet_Membership_CreateUser(  "[My app name]", UserName, password, salt, Email, PasswordQuestion, encodedPasswordAnswer, true, dt, DateTime.Now, 0, 1, ref newUserID);

    return newUserID;
}

private static string GenerateSalt()
{
    byte[] buf = new byte[16];
    (new RNGCryptoServiceProvider()).GetBytes(buf);
    return Convert.ToBase64String(buf);
}
private static string EncodePassword(string pass, string salt)
{
    byte[] bIn = Encoding.Unicode.GetBytes(pass);
    byte[] bSalt = Convert.FromBase64String(salt);
    byte[] bRet = null;

    HashAlgorithm hm = HashAlgorithm.Create("SHA1");
    if (hm is KeyedHashAlgorithm)
    {
        KeyedHashAlgorithm kha = (KeyedHashAlgorithm)hm;
        if (kha.Key.Length == bSalt.Length)
        {
            kha.Key = bSalt;
        }
        else if (kha.Key.Length < bSalt.Length)
        {
            byte[] bKey = new byte[kha.Key.Length];
            Buffer.BlockCopy(bSalt, 0, bKey, 0, bKey.Length);
            kha.Key = bKey;
        }
        else
        {
            byte[] bKey = new byte[kha.Key.Length];
            for (int iter = 0; iter < bKey.Length; )
            {
                int len = Math.Min(bSalt.Length, bKey.Length - iter);
                Buffer.BlockCopy(bSalt, 0, bKey, iter, len);
                iter += len;
            }
            kha.Key = bKey;
        }
        bRet = kha.ComputeHash(bIn);
    }
    else
    {
        byte[] bAll = new byte[bSalt.Length + bIn.Length];
        Buffer.BlockCopy(bSalt, 0, bAll, 0, bSalt.Length);
        Buffer.BlockCopy(bIn, 0, bAll, bSalt.Length, bIn.Length);
        bRet = hm.ComputeHash(bAll);
    }
    return Convert.ToBase64String(bRet);
}

I've ended up calling the stored procedures directly. The only hurdle I encountered was with creating a new user. It requires password and security answer encryption, so for this I simply copied the code from the framework source code. From System.Web.Security.SqlMembershipProvider.cs to be exact.

I've removed and trimmed some of this code to fit my own scenario, since I am only using SHA1 encryption.

I am pretty sure that I am not the only one having this problem, so for anyone else, who has the same issue, here is a somewhat complete code for inserting a user. Other stored procedures are easier to call.

There is almost no error checking here, so add your own and use System.Security.Cryptography

//Call to create a new user and return the ID
public static Guid? CreateUser(MyDataContext DB, string UserName, string Password, string Email, string PasswordQuestion, string PasswordAnswer)
{
    string salt = GenerateSalt();
    string password = EncodePassword(Password, salt);
    string encodedPasswordAnswer = EncodePassword(PasswordAnswer.ToLower(), salt);
    DateTime dt = DateTime.UtcNow;

    Guid? newUserID = null;

    //res would contain the success or fail code from the stored procedure
    //0 = success; 1 = fail;
    int res = DB.aspnet_Membership_CreateUser(  "[My app name]", UserName, password, salt, Email, PasswordQuestion, encodedPasswordAnswer, true, dt, DateTime.Now, 0, 1, ref newUserID);

    return newUserID;
}

private static string GenerateSalt()
{
    byte[] buf = new byte[16];
    (new RNGCryptoServiceProvider()).GetBytes(buf);
    return Convert.ToBase64String(buf);
}
private static string EncodePassword(string pass, string salt)
{
    byte[] bIn = Encoding.Unicode.GetBytes(pass);
    byte[] bSalt = Convert.FromBase64String(salt);
    byte[] bRet = null;

    HashAlgorithm hm = HashAlgorithm.Create("SHA1");
    if (hm is KeyedHashAlgorithm)
    {
        KeyedHashAlgorithm kha = (KeyedHashAlgorithm)hm;
        if (kha.Key.Length == bSalt.Length)
        {
            kha.Key = bSalt;
        }
        else if (kha.Key.Length < bSalt.Length)
        {
            byte[] bKey = new byte[kha.Key.Length];
            Buffer.BlockCopy(bSalt, 0, bKey, 0, bKey.Length);
            kha.Key = bKey;
        }
        else
        {
            byte[] bKey = new byte[kha.Key.Length];
            for (int iter = 0; iter < bKey.Length; )
            {
                int len = Math.Min(bSalt.Length, bKey.Length - iter);
                Buffer.BlockCopy(bSalt, 0, bKey, iter, len);
                iter += len;
            }
            kha.Key = bKey;
        }
        bRet = kha.ComputeHash(bIn);
    }
    else
    {
        byte[] bAll = new byte[bSalt.Length + bIn.Length];
        Buffer.BlockCopy(bSalt, 0, bAll, 0, bSalt.Length);
        Buffer.BlockCopy(bIn, 0, bAll, bSalt.Length, bIn.Length);
        bRet = hm.ComputeHash(bAll);
    }
    return Convert.ToBase64String(bRet);
}
回复 原文
~没有更多了~

关于作者

好听的两个字的网名

暂无简介

0 文章
0 评论
738 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

胡图图

文章 0 评论 0

zt006

文章 0 评论 0

z祗昰~

文章 0 评论 0

冰葑

文章 0 评论 0

野の

文章 0 评论 0

天空

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文