SharePoint Authentication WebService的Login方法缺陷
Posted on 2008-04-29 18:46 aimin 阅读(748) 评论(0) 编辑 收藏 举报
SharePoint Authentication WebService的Login方法只支持Form认证。且不会保存本地Cookie,仅由LoginResult对象返回"NoError"消息,因此,只能用来验证某个用户是否是系统的用户,Cookie还得自己另外建。
[WebMethod]
public LoginResult Login(string username, string password)
{
LoginResult result = new LoginResult();
//如果不是Form认证,将反回"NotInFormsAuthenticationMode"消息
if (AuthenticationMode.Forms == SPSecurity.AuthenticationMode)
{
if (!Membership.ValidateUser(username, password))
{
result.ErrorCode = LoginErrorCode.PasswordNotMatch;
return result;
}
//默认createPersistentCookie值为false,不能创建持久 Cookie(跨浏览器会话保存的 Cookie)
FormsAuthentication.SetAuthCookie(username, false);
result.CookieName = FormsAuthentication.FormsCookieName;
return result;
}
result.ErrorCode = LoginErrorCode.NotInFormsAuthenticationMode;
return result;
}
public LoginResult Login(string username, string password)
{
LoginResult result = new LoginResult();
//如果不是Form认证,将反回"NotInFormsAuthenticationMode"消息
if (AuthenticationMode.Forms == SPSecurity.AuthenticationMode)
{
if (!Membership.ValidateUser(username, password))
{
result.ErrorCode = LoginErrorCode.PasswordNotMatch;
return result;
}
//默认createPersistentCookie值为false,不能创建持久 Cookie(跨浏览器会话保存的 Cookie)
FormsAuthentication.SetAuthCookie(username, false);
result.CookieName = FormsAuthentication.FormsCookieName;
return result;
}
result.ErrorCode = LoginErrorCode.NotInFormsAuthenticationMode;
return result;
}