.NET Web表单,Windows表单项目和IIS表单身份验证之间的关系是什么?
我正在使用.NET 6 ASP.NET网站工作,并考虑使用身份框架实现身份验证。我知道这在技术上是一种中间件,并且独立于随后的IIS部署身份验证设置(仅启用匿名需求)。
在IIS身份验证设置上,我可以进行各种身份验证选项,其中一种称为表单身份验证。
我想问.NET Web表单(或Windows表单)项目与IIS表单身份验证之间是否有任何关系?还是他们都有形式的关键字只是一个共同遇到的遇到的机会?我很困惑,因为 - 喜欢Web表单项目,即使是较旧的ASP.NET MVC项目也需要在部署到IIS时启用身份验证。在较新的.NET MVC项目中,如果他们使用身份框架,则不需要此IIS部署设置。
最新的身份验证机制称为身份框架。从技术上讲,较旧的身份验证机制是什么?表格验证框架?
I am working on a .NET 6 ASP.NET website and looking at implementing authentication using the identity framework. I understand this is technically working as a middleware and is independent of the subsequent IIS deployment authentication setting (only anonymous needs enabling).
On the IIS authentication setting I can various authentication options, one of which is called Forms Authentication.
I want to ask whether there is any relation between .NET Web Forms (or Windows Forms) project and the IIS Forms authentication? Or is it just a co-incidence that they both have the Forms keyword? I am confused because - like Web Forms project, even older ASP.NET MVC project required the Form Authentication enabled upon deployment to IIS. Where as newer .NET MVC project don't require this IIS deployment setting if they are using the Identity framework.
The latest authentication mechanism is called Identity framework. What was the older authentication mechanism technically called? Forms auth framework?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
不要将窗户表格带入这个!!
但是,是的,所谓的FBA(基于表格的aunthetiicaion)并不是真正以任何speical方式对Web表单进行的。他们只是以其名称的名称“形式”而发生 - 仅此而已。因此,在Web表单应用中使用FBA是很长的常见选择。
FBA和IIS之间有关系吗?是的,因为如果您采用FBA,则使用该安全提供商对您的网站安全进行管理。这是您拥有“角色”提供商和FBA提供商的。
因此,然后可以使用web.config确定网站的每个文件夹。您可以要求这些页面要求有效的登录(基于FBA),也可以选择和选择角色(因此,网站的某些部分说只能用“销售”组的角色使用。
但是,但是,尽管Web表单网站可以采用FBA,但宝贵的信息是,IIS将尊重AuthneTicaion提供商 - 因此IIS“知道”和“尊重”该Secuirty提供商选择,这意味着您是否需要登录登录页面的网页。 ,然后IIS将自动拦截该页面 - 将您发送到登录页面,然后登录后,您可以继续使用该安全的网页
。但是,您可以使用登录提供商。
FBA-基于表格的身份验证。正如我所说,该名称中的“表单”的事实在Web表单或使用Web表单应用程序方面没有特殊意义。
因此,如上所述,您可以免费采用新的安全提供商 - 当然,Web表格不仅限于使用FBA作为安全提供商。
哼,是吗?我认为情况并非如此。如果您不需要或不需要网站登录或安全性,那么我不认为FBA根本不需要任何形式的要求,以部署没有安全性或使用安全性的网站。
Don't bring windows forms into this!!
But, yes, so called FBA (forms based aunthetiicaion) is not really realited to web forms in any speical way. They just happen to both have the name "forms" in their name - nothing more, and nothing less. So, using FBA in web forms applciations was a long time common choice.
Is there a relationship bettween FBA and IIS? yes, because if you adopt FBA, then your web site security is managed using that security provider. This useally means you have the "role" provider and FBA provider.
so, then each folder of the web site can then be secuired using web.config. You can either secuire those pages to require a valid logon (based on FBA), and you can also pick and choose what roles (so, some parts of the site say can only be used with say a role of "Sales" group.
However, while the web forms site can adopt FBA, the valuable informtion is that IIS will respect that that authneticaion provider - and thus IIS "knows" and "respects" that secuirty provider choice. That means say if you hit a web page that requires logon, then IIS will automatic intercept that page - send you to the logon page, and after you logon, you can continue on to that secured web page.
However, you don't have to use FBA with IIS, there are of course other secuirty and logon providers you can use. However, you do want to use a supported and started one, since then you can use the built-in asp.net logon controls etc, and they will just work.
FBA -- Forms based authentication. As I stated, the fact of "forms" in that name FBA has no specials meaning in regards to web forms, or using web form applications.
You are thus as noted are free to adopt newer security providers - web forms are of course not limited to using FBA as the security provider.
Hum, did they? I don't think that is the case. If you don't want or need web site logons or security then I do not believe that FBA was any kind of requirement to be enabled at all to deploy a web site that does not have nor use security.