EnterPrise应用(3) Security Application Block应用程序块 认证处理(VB.NET)
Posted on 2006-10-31 13:45 THEONE2008 阅读(1373) 评论(1) 编辑 收藏 举报 EnterPrise 中的SAB(既安全应用程序块)是一个非常有用、高效的模块;并且可以对用户、角色以及权限等进行非常灵活的管理,在业务流程以及角色、用户变化时候,基本不必重新修改原来的编码逻辑,重新设计业务流程,重新编写源代码,而只需要在数据库或者配置文件中进行几种组合就可以达到效果。
本文主要对SAB的认证环节进行一些说明。
首先在进入SAB认证处理之前,还是有很多工作要做的,比如对config文件进行配置,写存储过程等,对config进行配置的环节,请参考:TerryLee写的[安全应用程序块——入门篇]
http://www.cnblogs.com/Terrylee/archive/2005/10/25/261414.html
下面是要用到的存储过程:
其中要注意的是:在建立用户表的时候,password字段一定要用二进制varbinary,因为该字段要涉及到加密。该过程中只简单涉及到一个用户表,例子中的表为userOk,字段有U_ID,UserName,UserPWS三个字段。
--InsertUser用于添加用户,与密码
CREATE PROCEDURE dbo.InsertUser
@name nvarchar(256),
@password varbinary(64),
@userExists tinyint out
AS
IF EXISTS (SELECT UserName FROM userok WHERE UserName = @name)
BEGIN
SELECT @userExists = 1
RETURN
END
SELECT @userExists = 0
SELECT @password = IsNull(@password, 0x691B0FBEED8F399F7E12576B090B217E4AD88A09)
INSERT INTO Userok
(UserName, userpws)
VALUES
(@name, @password)
RETURN
GO
--=================================================
--GetPassword通过用户名读取密码
CREATE PROCEDURE GetPassword
@name nvarchar(256)
AS
SET NOCOUNT ON
SELECT
userpws
FROM Userok
WHERE UserName = @name
SET NOCOUNT OFF
RETURN
GO
--=================================================
--GetUserIdByName验证用户是否存在
CREATE PROCEDURE dbo.GetUserIdByName
@name nvarchar(256),
@userId int OUT
AS
SELECT @userId = U_ID
FROM Userok
WHERE UserName = @name
RETURN
GO
CREATE PROCEDURE dbo.InsertUser @name nvarchar(256), @password varbinary(64), @userExists tinyint outASIF EXISTS (SELECT UserName FROM userok WHERE UserName = @name)BEGIN SELECT @userExists = 1 RETURNENDSELECT @userExists = 0SELECT @password = IsNull(@password, 0x691B0FBEED8F399F7E12576B090B217E4AD88A09)INSERT INTO Userok (UserName, userpws)VALUES (@name, @password)RETURNGO--=================================================
--GetPassword通过用户名读取密码CREATE PROCEDURE GetPassword @name nvarchar(256)AS SET NOCOUNT ON SELECT userpws FROM Userok WHERE UserName = @name SET NOCOUNT OFFRETURNGO--=================================================--GetUserIdByName验证用户是否存在CREATE PROCEDURE dbo.GetUserIdByName @name nvarchar(256), @userId int OUTAS SELECT @userId = U_ID FROM Userok WHERE UserName = @nameRETURNGO有了表,有了存储过程,有对SAB做好了配置工作,下面就可以进入代码阶段了,当然做代码前要把相关的类引入进来,并做声明。
建立用户账户:
Public Sub InsertUser(ByVal userName As String, ByVal password As String)
'建立用户与密码'UserRoleManager 是在 Security.Database引用的,所以要先声明
Dim manager As UserRoleManager 'temp是在配置文件中配置的数据库名 Dim DbInstanceName As String = "temp" manager = New UserRoleManager(DbInstanceName, ConfigurationManager.GetCurrentContext()) '对password字符串进行加密 Dim pwdBytes As Byte() = SHA1Managed.Create().ComputeHash(ASCIIEncoding.ASCII.GetBytes(password)) '判断表中是否已经存在该用户,此时用到GetUserIdByName存储过程 If (Not manager.UserExists(userName)) Then manager.CreateUser(userName, pwdBytes) Else Label1.Text = "用户已经存在,毋需在建立!" 'Return End If
End Sub Public Function userPass(ByVal username As String, ByVal password As String) As Boolean '登陆判断(认证过程) '利用AuthenticationFactory类创建一个真实的Provider Dim IAP As IAuthenticationProvider IAP = AuthenticationFactory.GetAuthenticationProvider() '创建NamePasswordCredential的组合令牌 Dim NPC As NamePasswordCredential Dim passwordBytes As Byte() = ASCIIEncoding.ASCII.GetBytes(password) NPC = New NamePasswordCredential(username, passwordBytes) Dim IIden As IIdentity userPass = IAP.Authenticate(NPC, IIden) End Function到此,就利用EnterPrise SAB模块中的认证部分进行登陆判断,其中用户的删除操作也很简单用UserRoleManager中的DeleteUser方法就可以了。
