ASP.NET 安全模型-用户权限
2007-12-03 17:29 黄明 阅读(341) 评论(0) 收藏 举报
关于ASP.NET 安全验证等相关问题
ASP.NET 1.x 安全模型
在 Global.asax 全局设置用户访问权限,Application_AuthenticateRequest 方法是每次请求ASPX 页面都会调用的
ASP.NET 1.x 安全模型
在 Global.asax 全局设置用户访问权限,Application_AuthenticateRequest 方法是每次请求ASPX 页面都会调用的
1 // 获取加密Cookie 对象
2 void Application_AuthenticateRequest(object sender, EventArgs e)
3 {
4 HttpApplication app = (HttpApplication)sender;
5
6 HttpCookie cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
7
8 if (cookie != null)
9 {
10 string encryptedTicket = cookie.Value;
11 FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(encryptedTicket);
12
13 string[] roles = ticket.UserData.Split(new char[]{','});
14
15 FormsIdentity identity = new FormsIdentity(ticket);
16 System.Security.Principal.GenericPrincipal user = new System.Security.Principal.GenericPrincipal(identity, roles);
17
18 app.Context.User = user;
19 }
20 }
2 void Application_AuthenticateRequest(object sender, EventArgs e)
3 {
4 HttpApplication app = (HttpApplication)sender;
5
6 HttpCookie cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
7
8 if (cookie != null)
9 {
10 string encryptedTicket = cookie.Value;
11 FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(encryptedTicket);
12
13 string[] roles = ticket.UserData.Split(new char[]{','});
14
15 FormsIdentity identity = new FormsIdentity(ticket);
16 System.Security.Principal.GenericPrincipal user = new System.Security.Principal.GenericPrincipal(identity, roles);
17
18 app.Context.User = user;
19 }
20 }
浙公网安备 33010602011771号