Моля, помогнете с разрешаването на проблема с персонализираното удостоверяване

имам прост тип удостоверяване, проверявам в DB дали потребителско име и парола съществуват, създавам FormsAuthenticationTicket и го добавям HttpContext.Current.Response.Cookies.Add(cookie); когато проверя HttpContext.Current.User.Identity.IsAuthenticated преди заявка, той връща false, но ако проверя global.asax Application_AuthenticateRequest(object sender, EventArgs e) за следваща заявка HttpContext.Current.User.Identity.IsAuthenticated връща true

public static bool Login(string userName, string pass)
    {
        using (SqlConnection conn = new SqlConnection(connectionString))
        {
            try
            {
                conn.Open();
                string comand = string.Format("Select * From ChatUser Where " +
                "userName = '{0}' and pass ='{1}'", userName, pass);
                SqlCommand cmd = new SqlCommand(comand, conn);
                var reader = cmd.ExecuteReader();
                if (!reader.HasRows)
                {
                    conn.Close();
                    return false;
                }
                while (reader.Read())
                {
                    string id = reader["id"].ToString();
                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                    1, id, DateTime.Now, DateTime.Now.AddMinutes(30),
                    false, null, FormsAuthentication.FormsCookiePath);
                    string hashCookies = FormsAuthentication.Encrypt(ticket);
                    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashCookies);
                    HttpContext.Current.Response.Cookies.Add(cookie);

                }
                conn.Close();
                JoinMesage();
                return true;
            }


            catch (Exception ex)
            {
                //write in log file
                return false;
            }
        }
    }

    public static void JoinMesage()
    {
        string userId;
        if (HttpContext.Current.User != null)
        {
            userId = HttpContext.Current.User.Identity.Name;
            using (SqlConnection conn = new SqlConnection(connectionString))
            {
                string comand = string.Format("Insert into Messages (userID,mesageDate,userStatus)"
                    + " Value('{0}','{1}','{2}')", userId, DateTime.Now, true);
            }
        }


    }

asp.net basic-authentication custom-authentication
person HaikMnatsakanyan    schedule 08.09.2012    source източник

Отговори (1)


arrow_upward
2
arrow_downward

Моля, променете своя билет. трябва да бъде

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
    1, 
    id, 
    DateTime.Now, 
    DateTime.Now.AddMinutes(30),
    true, 
    null, 
    FormsAuthentication.FormsCookiePath);

и задайте тип удостоверяване в персонализиран клас за самоличност, моля, следвайте връзката:

http://www.asp.net/web-forms/tutorials/security/introduction/forms-authentication-configuration-and-advanced-topics-cs

Ще го реши.

person Umesh Garg    schedule 21.10.2012