基于 .NET 的 IPrincipal、IIdentity 接口的用户处理机制。示例中的用户名、密码、角色和权限都是写死在代码里的占位数据(代码注释中已说明可用数据库查询替代),实际使用时应改为从数据库等可信存储中读取并校验。
SiteIdentity.cs
using System;
using System.Text;
using System.Collections;
using System.Security.Cryptography;
namespace ContextUser
{
/// <summary>
/// Custom <c>IIdentity</c> implementation describing the current site user.
/// </summary>
/// <remarks>
/// The type performs no credential check of its own: <see cref="IsAuthenticated"/> is
/// unconditionally true, so an instance should only be created after the caller has
/// verified the user. The e-mail address and user id are fixed sample values assigned
/// in the constructor, not data looked up for the given name.
/// </remarks>
public class SiteIdentity : System.Security.Principal.IIdentity
{
    private string name;
    private string mail;
    private int id;

    /// <summary>Creates an identity for the given user name.</summary>
    /// <param name="currentUserName">
    /// Value later reported by <see cref="Name"/>; stored as given, without validation.
    /// </param>
    public SiteIdentity(string currentUserName)
    {
        id = 1;                 // fixed sample value
        mail = "test@msn.com";  // fixed sample value
        name = currentUserName;
    }

    /// <summary>User name supplied to the constructor.</summary>
    public string Name
    {
        get { return name; }
    }

    /// <summary>
    /// Always true: every SiteIdentity is assumed to represent an already
    /// authenticated user.
    /// </summary>
    public bool IsAuthenticated
    {
        get { return true; }
    }

    /// <summary>
    /// Fixed label for the authentication scheme. The setter exists but ignores
    /// the assigned value.
    /// </summary>
    public string AuthenticationType
    {
        get { return "Custom Authentication"; }
        set { /* intentionally ignored */ }
    }

    /// <summary>E-mail address of the user (sample value).</summary>
    public string EmailAddress
    {
        get { return mail; }
    }

    /// <summary>Numeric id of the user (sample value).</summary>
    public int UserID
    {
        get { return id; }
    }
}
}
-----------------------------------------------------------------------------------------------
SitePrincipal.cs
using System;
using System.Collections;
using System.Security;
using System.Security.Cryptography;
namespace ContextUser
{
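/// <summary>
/// Custom <c>IPrincipal</c> that pairs a <c>SiteIdentity</c> with the user's role
/// names and permission ids.
/// </summary>
/// <remarks>
/// Sample implementation. The constructor grants the same hard-coded roles and
/// permission to every user name, and <see cref="ValidateLogin"/> compares against a
/// credential embedded in the source. Both are placeholders for a lookup in a user
/// store and must be replaced before this type is used to make access decisions.
/// </remarks>
public class SitePrincipal : System.Security.Principal.IPrincipal
{
    protected System.Security.Principal.IIdentity identity;
    protected ArrayList permissionList; // permission ids (int) granted to this user
    protected ArrayList roleList;       // role names (string) granted to this user

    /// <summary>Identity of the user this principal represents.</summary>
    /// <exception cref="ArgumentNullException">The assigned value is null.</exception>
    public System.Security.Principal.IIdentity Identity
    {
        get
        {
            return identity;
        }
        set
        {
            // A principal without an identity makes every later
            // Identity.IsAuthenticated check throw, so reject null here.
            if (value == null)
            {
                throw new ArgumentNullException("value");
            }
            identity = value;
        }
    }

    /// <summary>Builds the principal for an already verified user name.</summary>
    /// <param name="username">Name passed on to the new <c>SiteIdentity</c>.</param>
    public SitePrincipal(string username)
    {
        identity = new SiteIdentity(username);

        // SECURITY: placeholder data. Every user name receives "Admin" and "123"
        // plus permission 2, so any authenticated name is treated as an
        // administrator. Load the lists per user from the data store instead:
        //permissionList = dataUser.GetEffectivePermissionList( userID );
        //roleList = dataUser.GetUserRoles( userID );
        roleList = new ArrayList();
        roleList.Add("Admin");
        roleList.Add("123");
        permissionList = new ArrayList();
        permissionList.Add(2);
    }

    /// <summary>Checks a user name / password pair.</summary>
    /// <param name="username">User name entered at login.</param>
    /// <param name="password">Password entered at login.</param>
    /// <returns>A new principal when the pair is accepted; otherwise null.</returns>
    public static SitePrincipal ValidateLogin(string username, string password)
    {
        // SECURITY: placeholder check against a credential embedded in the source;
        // intended to be replaced by verification against the database. A real
        // implementation should compare against a salted, slow password hash and
        // keep returning the same null for "unknown user" and "wrong password".
        if (username == "1111111" && password == "1111111")
        {
            return new SitePrincipal(username);
        }
        return null;
    }

    /// <summary>Reports whether the user holds the given role name.</summary>
    public bool IsInRole(string role)
    {
        return roleList.Contains(role);
    }

    /// <summary>Reports whether the user holds the given permission id.</summary>
    public bool HasPermission(int permissionID)
    {
        return permissionList.Contains(permissionID);
    }

    /// <summary>
    /// Read-only view of the role names. Returning the backing list itself would
    /// let any caller add a role to the current user; attempts to modify this
    /// view throw <c>NotSupportedException</c>.
    /// </summary>
    public ArrayList Roles
    {
        get
        {
            return ArrayList.ReadOnly(roleList);
        }
    }

    /// <summary>
    /// Read-only view of the permission ids; modification attempts throw
    /// <c>NotSupportedException</c> for the same reason as <see cref="Roles"/>.
    /// </summary>
    public ArrayList Permissions
    {
        get
        {
            return ArrayList.ReadOnly(permissionList);
        }
    }
}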
}
下面的 BasePage 继承自 Page,供需要验证的页面继承。
BasePage.cs
using System;
using System.Web;
using System.Web.UI;
using System.Diagnostics;
namespace ContextUser
{
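/// <summary>
/// Base class for pages that need the custom principal: on every load it replaces
/// an authenticated <c>Context.User</c> that is not yet a <c>SitePrincipal</c> with
/// one built from the authenticated user name.
/// </summary>
/// <remarks>
/// The replacement happens in the page's Load event, which is later than ASP.NET's
/// own request authorization stage, so role rules in web.config do not see the
/// roles of the SitePrincipal. Doing the same swap in
/// <c>Application_AuthenticateRequest</c> is the usual way to make them visible.
/// </remarks>
public class BasePage : System.Web.UI.Page
{
    public BasePage()
    {
    }

    /// <summary>Subscribes <see cref="BasePage_Load"/> to the Load event.</summary>
    protected override void OnInit(EventArgs e)
    {
        base.OnInit(e);
        this.Load += new System.EventHandler(this.BasePage_Load);
    }

    /// <summary>
    /// Upgrades the current user to a <c>SitePrincipal</c> when the request is
    /// authenticated and the upgrade has not happened yet.
    /// </summary>
    private void BasePage_Load(object sender, System.EventArgs e)
    {
        System.Security.Principal.IPrincipal current = Context.User;

        // Treat a missing principal or identity as "not authenticated" instead
        // of failing with a NullReferenceException.
        if (current == null || current.Identity == null || !current.Identity.IsAuthenticated)
        {
            return;
        }

        if (current is SitePrincipal)
        {
            return;
        }

        // Only the user name is carried over; roles and permissions come from
        // whatever the SitePrincipal constructor assigns for that name.
        SitePrincipal newUser = new SitePrincipal(current.Identity.Name);
        Context.User = newUser;

        // Diagnostics go to the debug listeners rather than into the HTTP
        // response, where they would be rendered on every derived page.
        System.Diagnostics.Debug.WriteLine("BasePage: Context.User replaced with SitePrincipal");
    }
}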
}
--------------------------------------------------------------------------
登录页面(WebForm1.aspx 的后台代码)
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.Security;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
namespace ContextUser
{
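/// <summary>
/// Login page: validates the submitted user name and password, installs the
/// resulting <c>SitePrincipal</c> on the request and issues the forms
/// authentication cookie.
/// </summary>
public class WebForm1 : ContextUser.BasePage
{
    protected System.Web.UI.WebControls.TextBox username;
    protected System.Web.UI.WebControls.TextBox pwd;
    protected System.Web.UI.WebControls.Label Label1;
    protected System.Web.UI.WebControls.Label Label2;
    protected System.Web.UI.WebControls.Button Button1;

    private void Page_Load(object sender, System.EventArgs e)
    {
        // Place user code to initialize the page here.
    }

    #region Web Form Designer generated code
    override protected void OnInit(EventArgs e)
    {
        //
        // CODEGEN: This call is required by the ASP.NET Web Form Designer.
        //
        InitializeComponent();
        base.OnInit(e);
    }

    /// <summary>
    /// Required method for Designer support - do not modify the contents of
    /// this method with the code editor.
    /// </summary>
    private void InitializeComponent()
    {
        this.Button1.Click += new System.EventHandler(this.Button1_Click);
        this.Load += new System.EventHandler(this.Page_Load);
    }
    #endregion

    /// <summary>
    /// Handles the login button: shows an error for rejected credentials,
    /// otherwise signs the user in and reports Admin group membership.
    /// </summary>
    private void Button1_Click(object sender, System.EventArgs e)
    {
        SitePrincipal principal = SitePrincipal.ValidateLogin(username.Text, pwd.Text);
        if (principal == null)
        {
            // One message for every failure, so the response does not reveal
            // whether the user name exists.
            Label1.Text = "用户名或密码不正确";
            return;
        }

        Context.User = principal;

        // NOTE(review): the second argument requests a persistent cookie for every
        // login. Consider making this an explicit "remember me" choice; the ticket
        // carries only the user name, and roles are rebuilt on later requests.
        FormsAuthentication.SetAuthCookie(username.Text, true);

        // Label.Text is rendered without HTML encoding, so encode the name before
        // concatenating it into the message.
        string safeName = HttpUtility.HtmlEncode(Context.User.Identity.Name);

        // The message reports Admin group membership, so test the "Admin" role
        // (the original tested "123", which did not match the message).
        if (Context.User.IsInRole("Admin"))
        {
            Label2.Text = "用户" + safeName + "属于Admin组";
        }
        else
        {
            Label2.Text = "用户" + safeName + "不属于Admin组";
        }
    }
}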
}
---------------------------------------------------
验证页面 需要继承basepage
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
namespace ContextUser
{
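/// <summary>
/// Protected page: only an authenticated <c>SitePrincipal</c> holding permission 2
/// may view it; every other request is redirected to the login page.
/// </summary>
public class _default : ContextUser.BasePage
{
    protected System.Web.UI.WebControls.Label Label1;

    /// <summary>Performs the access check for this page.</summary>
    private void Page_Load(object sender, System.EventArgs e)
    {
        // Fail closed: a principal that is missing or not a SitePrincipal is
        // sent to the login page instead of raising InvalidCastException from
        // a direct cast.
        SitePrincipal user = Context.User as SitePrincipal;
        bool allowed = user != null
            && user.Identity != null
            && user.Identity.IsAuthenticated
            && user.HasPermission(2);

        if (!allowed)
        {
            Page.Response.Redirect("WebForm1.aspx");
        }
        else
        {
            Page.Response.Write("通过");
        }
    }

    #region Web Form Designer generated code
    override protected void OnInit(EventArgs e)
    {
        //
        // CODEGEN: This call is required by the ASP.NET Web Form Designer.
        //
        // base.OnInit must run first: BasePage subscribes its Load handler there,
        // and it has to be registered before Page_Load so that Context.User has
        // already been replaced when the access check runs.
        base.OnInit(e);
        InitializeComponent();
    }

    /// <summary>
    /// Required method for Designer support - do not modify the contents of
    /// this method with the code editor.
    /// </summary>
    private void InitializeComponent()
    {
        this.Load += new System.EventHandler(this.Page_Load);
    }
    #endregion
}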
}
参考了一些网友的文章还有wrox站点高级编程 在此感谢!