ASP.NET2.0 - 验证Authentication(2) – FormsAuthenticationTicket类
1 protected void Login_Click(object sender, EventArgs e)
2 {
3
4 HttpCookie myCookie = FormsAuthentication.GetAuthCookie(UserName.Text,true);
5 FormsAuthenticationTicket myTicket = FormsAuthentication.Decrypt (myCookie.Value);
6
7 FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket( myTicket.Version, myTicket.Name,
8
9 myTicket.IssueDate, myTicket.Expiration, myTicket.IsPersistent,UserData);
10
11 myCookie.Value = FormsAuthentication.Encrypt(newTicket);
12
13 Response.Cookies.Add(myCookie);
14
15 string url = FormsAuthentication.GetRedirectUrl(UserName.Text, true);
16
17 Response.Redirect(url);
18 }
19
20
21
22 protected void Page_Load(object sender, EventArgs e)
23 {
24
25 if (Request.IsAuthenticated)
26 {
27
28 FormsIdentity formidnty = User.Identity as FormsIdentity;
29
30 //check whether host ip is authenticated
31
32 if (Request.UserHostAddress != formidnty.Ticket.UserData)
33 {
34
35 GenericIdentity gid = new GenericIdentity("","");
36 string[] role = { };
37 GenericPrincipal newgid = new GenericPrincipal(gid, role);
38
39 //destroy the ticket
40 this.Context.User = newgid;
41 }
42
43 }
44
45 Else
46 {
47 Response.Redirect("login.aspx");
48 }
49
50 }
51
http://www.asp.net/Learn/security/tutorial-03-vb.aspx
