C# 为什么(有时)Membership.ValidateUser首先调用PasswordFormat以及如何调用?
我在一台机器上运行了C# 为什么(有时)Membership.ValidateUser首先调用PasswordFormat以及如何调用?,c#,.net,asp.net-membership,C#,.net,Asp.net Membership,我在一台机器上运行了MVC项目。我在web配置中设置了自定义成员身份,例如: <membership defaultProvider="CustomMembership"> <providers> <clear/> <add name="CustomMembership" type="GotPayments.CustomAuthentication.CustomMembership"/> </providers>
MVC
项目。我在web配置中设置了自定义成员身份,例如:
<membership defaultProvider="CustomMembership">
<providers>
<clear/>
<add name="CustomMembership" type="GotPayments.CustomAuthentication.CustomMembership"/>
</providers>
</membership>
但是,一旦我将项目复制到另一台机器上并运行它,相同的功能(在执行之前;因此F11在调试时不要进入ValidateUser
)调用:
public override MembershipPasswordFormat PasswordFormat
{
get
{
throw new NotImplementedException();
}
}
这会引发异常
为什么它只称之为“有时”?框架如何称呼它?
我自己从来不叫那个函数
堆栈跟踪:
in System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
in System.Environment.get_StackTrace()
in MyProject.CustomAuthentication.CustomMembership.get_PasswordFormat() in CustomMembership.cs:riga 117
in System.Web.Security.Membership.CheckedPasswordFormat(MembershipProviderCollection providers)
in System.Web.Security.Membership.Initialize()
in System.Web.Security.Membership.get_Provider()
in System.Web.Security.Membership.ValidateUser(String username, String password)
in MyProject.Controllers.AccountController.Login(LoginViewModel loginView) in AccountController.cs:riga 27
Login.cs
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginViewModel loginView)
{
if (ModelState.IsValid)
{
if (Membership.ValidateUser(loginView.Email, loginView.Password))
{
// ...
}
}
// ...
}
哦,我的。。。这是不区分大小写的明文密码验证吗?这比常见的明文密码验证噩梦还要糟糕。你能在stacktrace进入
PasswordFormat.get
?@CamiloTerevinto时发布它吗?你的意思是System.Diagnostics.stacktrace t=new System.Diagnostics.stacktrace()代码>?哪种方法?可能是该方法,也可能是Visual Studio堆栈跟踪窗口的输出(当然,如果是调试)。我的意思是当它到达PasswordFormat
属性posted时。对吗?这就是你要找的吗?
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginViewModel loginView)
{
if (ModelState.IsValid)
{
if (Membership.ValidateUser(loginView.Email, loginView.Password))
{
// ...
}
}
// ...
}