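// User handling built on the .NET IPrincipal / IIdentity interfaces.
//
// ---- SiteIdentity.cs ----
namespace ContextUser
{
    using System;
    using System.Text;
    using System.Collections;
    using System.Security.Cryptography;

    /// <summary>
    /// Custom <see cref="System.Security.Principal.IIdentity"/> carrying the
    /// user name, e-mail address and numeric id of the current site user.
    /// </summary>
    /// <remarks>
    /// The e-mail address and user id are fixed sample values set in the
    /// constructor; nothing in this class loads them from a user store.
    /// </remarks>
    public class SiteIdentity : System.Security.Principal.IIdentity
    {
        private string userName;
        private string emailAddress;
        private int userID;

        /// <summary>Creates an identity for the given user name.</summary>
        /// <param name="currentUserName">Name reported by <see cref="Name"/>.</param>
        public SiteIdentity(string currentUserName)
        {
            userName = currentUserName;
            // Sample value exactly as it appears on the page (the address looks
            // redacted by the hosting site); a real implementation would load it
            // from the user record.
            emailAddress = "[email protected]";
            userID = 1;
        }

        /// <summary>Always "Custom Authentication"; the setter ignores its value.</summary>
        public string AuthenticationType
        {
            get { return "Custom Authentication"; }
            set
            {
                // Intentionally a no-op: the authentication type is fixed.
            }
        }

        /// <summary>
        /// True when the identity carries a non-empty user name.
        /// </summary>
        /// <remarks>
        /// The class still assumes that whoever constructs it has already
        /// verified the user, but it no longer reports an identity with a null
        /// or empty name as authenticated, so an unnamed identity fails closed.
        /// </remarks>
        public bool IsAuthenticated
        {
            get { return userName != null && userName.Length > 0; }
        }

        /// <summary>User name passed to the constructor.</summary>
        public string Name
        {
            get { return userName; }
        }

        /// <summary>E-mail address of the user (fixed sample value).</summary>
        public string EmailAddress
        {
            get { return emailAddress; }
        }

        /// <summary>Numeric id of the user (fixed sample value 1).</summary>
        public int UserID
        {
            get { return userID; }
        }
    }
}

// -----------------------------------------------------------------------
// ---- SitePrincipal.cs ----
namespace ContextUser
{
    using System;
    using System.Collections;
    using System.Security;
    using System.Security.Cryptography;

    /// <summary>
    /// Custom <see cref="System.Security.Principal.IPrincipal"/> that pairs a
    /// <see cref="SiteIdentity"/> with a role list and a permission list.
    /// </summary>
    public class SitePrincipal : System.Security.Principal.IPrincipal
    {
        protected System.Security.Principal.IIdentity identity;
        protected ArrayList permissionList; // permission ids (boxed int)
        protected ArrayList roleList;       // role names (string)

        /// <summary>Identity wrapped by this principal.</summary>
        public System.Security.Principal.IIdentity Identity
        {
            get { return identity; }
            set { identity = value; }
        }

        /// <summary>
        /// Builds the principal for <paramref name="username"/>.
        /// </summary>
        /// <param name="username">Name handed to the new <see cref="SiteIdentity"/>.</param>
        /// <remarks>
        /// NOTE(review): roles and permissions are hard-coded sample data, so
        /// every principal built here is in the "Admin" and "123" roles and
        /// holds permission 2 regardless of who the user is. Authorization
        /// decisions are meaningless until these lists come from the user
        /// store, as the commented-out calls at the end indicate.
        /// </remarks>
        public SitePrincipal(string username)
        {
            identity = new SiteIdentity(username);

            roleList = new ArrayList();
            roleList.Add("Admin");
            roleList.Add("123");

            permissionList = new ArrayList();
            permissionList.Add(2);

            //permissionList = dataUser.GetEffectivePermissionList( userID );
            //roleList = dataUser.GetUserRoles( userID );
        }

        /// <summary>
        /// Checks the supplied credentials and returns a principal on success.
        /// </summary>
        /// <param name="username">User name typed by the visitor.</param>
        /// <param name="password">Password typed by the visitor.</param>
        /// <returns>A new <see cref="SitePrincipal"/>, or null when the credentials do not match.</returns>
        /// <remarks>
        /// NOTE(review): the credential pair is a literal in source, which the
        /// original author marks as a stand-in for a database check. Before any
        /// real use this must verify against a store of salted, slow password
        /// hashes, and the secret must not live in the code or the repository.
        /// </remarks>
        public static SitePrincipal ValidateLogin(string username, string password)
        {
            bool matches = username == "1111111" && password == "1111111";
            return matches ? new SitePrincipal(username) : null;
        }

        /// <summary>True when <paramref name="role"/> is in the role list.</summary>
        public bool IsInRole(string role)
        {
            return roleList.Contains(role);
        }

        /// <summary>True when <paramref name="permissionID"/> is in the permission list.</summary>
        public bool HasPermission(int permissionID)
        {
            return permissionList.Contains(permissionID);
        }

        /// <summary>
        /// Read-only view of the role list.
        /// </summary>
        /// <remarks>
        /// Returned through <see cref="ArrayList.ReadOnly(ArrayList)"/> so that
        /// code holding the principal cannot add a role to itself; attempts to
        /// modify the view throw <see cref="NotSupportedException"/>.
        /// </remarks>
        public ArrayList Roles
        {
            get { return ArrayList.ReadOnly(roleList); }
        }

        /// <summary>
        /// Read-only view of the permission list; modification attempts throw
        /// <see cref="NotSupportedException"/>.
        /// </summary>
        public ArrayList Permissions
        {
            get { return ArrayList.ReadOnly(permissionList); }
        }
    }
}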
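// The base page below is inherited by every page that requires an authenticated user.
//
// ---- BasePage.cs ----
namespace ContextUser
{
    using System;
    using System.Web;
    using System.Web.UI;
    using System.Diagnostics;

    /// <summary>
    /// Base class for protected pages: on every load it replaces the principal
    /// supplied by ASP.NET with a <see cref="SitePrincipal"/> so that derived
    /// pages can query roles and permissions through <c>Context.User</c>.
    /// </summary>
    public class BasePage : System.Web.UI.Page
    {
        public BasePage()
        {
        }

        /// <summary>
        /// Runs the normal page initialization, then registers
        /// <see cref="BasePage_Load"/> as a Load handler.
        /// </summary>
        protected override void OnInit(EventArgs e)
        {
            base.OnInit(e);
            this.Load += new System.EventHandler(this.BasePage_Load);
        }

        /// <summary>
        /// Swaps an authenticated, non-<see cref="SitePrincipal"/> user for a
        /// <see cref="SitePrincipal"/> built from the same user name.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the principal is rebuilt from nothing but the name in
        /// the authentication ticket, and the SitePrincipal constructor shown on
        /// this page grants the same hard-coded roles to every name. Until roles
        /// are loaded per user, any authenticated visitor ends up with them.
        /// </remarks>
        private void BasePage_Load(object sender, System.EventArgs e)
        {
            System.Security.Principal.IPrincipal current = Context.User;

            // No principal, no identity, or an anonymous identity: leave the
            // context untouched instead of dereferencing null.
            if (current == null || current.Identity == null || !current.Identity.IsAuthenticated)
            {
                return;
            }

            if (current is SitePrincipal)
            {
                return;
            }

            SitePrincipal newUser = new SitePrincipal(current.Identity.Name);
            Context.User = newUser;

            // Diagnostic trace only. The original wrote this text and the role
            // check result into the HTTP response of every protected page, which
            // exposes internal authorization state to the browser.
            Debug.WriteLine("BasePage: rebuilt SitePrincipal for authenticated user; IsInRole(\"123\") = "
                + newUser.IsInRole("123"));
        }
    }
}
// --------------------------------------------------------------------------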
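// ---- Login page ----
namespace ContextUser
{
    using System;
    using System.Collections;
    using System.ComponentModel;
    using System.Data;
    using System.Drawing;
    using System.Web;
    using System.Web.Security;
    using System.Web.SessionState;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.HtmlControls;

    /// <summary>
    /// Login form: validates the typed credentials, installs the resulting
    /// <see cref="SitePrincipal"/> and issues the forms-authentication cookie.
    /// </summary>
    public class WebForm1 : ContextUser.BasePage
    {
        protected System.Web.UI.WebControls.TextBox username;
        protected System.Web.UI.WebControls.TextBox pwd;
        protected System.Web.UI.WebControls.Label Label1;
        protected System.Web.UI.WebControls.Label Label2;
        protected System.Web.UI.WebControls.Button Button1;

        private void Page_Load(object sender, System.EventArgs e)
        {
            // Put user code to initialize the page here.
        }

        #region Web Form Designer generated code
        override protected void OnInit(EventArgs e)
        {
            //
            // CODEGEN: This call is required by the ASP.NET Web Form Designer.
            //
            // base.OnInit runs first so that BasePage registers its Load handler
            // ahead of this page's handlers, matching the protected page below.
            base.OnInit(e);
            InitializeComponent();
        }

        /// <summary>
        /// Required method for Designer support - do not modify
        /// the contents of this method with the code editor.
        /// </summary>
        private void InitializeComponent()
        {
            this.Button1.Click += new System.EventHandler(this.Button1_Click);
            this.Load += new System.EventHandler(this.Page_Load);
        }
        #endregion

        /// <summary>
        /// Handles the login button: shows an error for bad credentials,
        /// otherwise signs the user in and reports Admin-group membership.
        /// </summary>
        private void Button1_Click(object sender, System.EventArgs e)
        {
            SitePrincipal principal = SitePrincipal.ValidateLogin(username.Text, pwd.Text);
            if (principal == null)
            {
                Label1.Text = "用户名或密码不正确";
                return;
            }

            Context.User = principal;

            // NOTE(review): the second argument requests a persistent cookie, so
            // the login outlives the browser session on whatever machine was
            // used. Prefer a session cookie unless the user explicitly asks to
            // be remembered, and serve the cookie over HTTPS only.
            FormsAuthentication.SetAuthCookie(username.Text, true);

            // Label.Text is rendered as raw HTML, so the user-supplied name is
            // encoded before it is concatenated into the message.
            string safeName = HttpUtility.HtmlEncode(Context.User.Identity.Name);

            // The message talks about the Admin group, so the check uses the
            // "Admin" role (the original tested the unrelated role "123").
            if (Context.User.IsInRole("Admin"))
            {
                Label2.Text = "用户" + safeName + "属于Admin组";
            }
            else
            {
                Label2.Text = "用户" + safeName + "不属于Admin组";
            }
        }
    }
}

// ---------------------------------------------------
// ---- Protected page (must inherit BasePage) ----
namespace ContextUser
{
    using System;
    using System.Collections;
    using System.ComponentModel;
    using System.Data;
    using System.Drawing;
    using System.Web;
    using System.Web.SessionState;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.HtmlControls;

    /// <summary>
    /// Example protected page: only an authenticated <see cref="SitePrincipal"/>
    /// holding permission 2 may view it; everyone else is sent to the login page.
    /// </summary>
    public class _default : ContextUser.BasePage
    {
        protected System.Web.UI.WebControls.Label Label1;

        /// <summary>
        /// Authorizes the request and redirects to WebForm1.aspx on failure.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            // "as" instead of a hard cast: a missing principal or one of another
            // type is treated as not authorized (redirect) rather than raising
            // InvalidCastException / NullReferenceException.
            SitePrincipal sitePrincipal = Context.User as SitePrincipal;

            bool allowed = sitePrincipal != null
                && sitePrincipal.Identity != null
                && sitePrincipal.Identity.IsAuthenticated
                && sitePrincipal.HasPermission(2);

            if (!allowed)
            {
                Page.Response.Redirect("WebForm1.aspx");
            }
            else
            {
                Page.Response.Write("通过");
            }
        }

        #region Web Form Designer generated code
        override protected void OnInit(EventArgs e)
        {
            //
            // CODEGEN: This call is required by the ASP.NET Web Form Designer.
            //
            // Note: base.OnInit must come first, so that BasePage's Load handler
            // (which installs the SitePrincipal) is registered before Page_Load.
            base.OnInit(e);
            InitializeComponent();
        }

        /// <summary>
        /// Required method for Designer support - do not modify
        /// the contents of this method with the code editor.
        /// </summary>
        private void InitializeComponent()
        {
            this.Load += new System.EventHandler(this.Page_Load);
        }
        #endregion
    }
}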
参考了一些网友的文章还有wrox站点高级编程 在此感谢! 