C#: After two incorrect logins, it's "logged in as user" when using Forms Authentication and AD
I'm having a strange problem. I am using Forms Authentication with Active Directory, and a custom ADRolesProvider to use the groups in AD. However, I just realized that if I try to log in, no matter what the login credentials are, after two attempts I am able to log in as " ", which is just a blank space. I don't know how to stop this, or even where to start looking for the problem. Here is my Web.config
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<configSections>
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
</configSections>
<connectionStrings>
<add name="ADService" connectionString="LDAP://domain/OU=stores,DC=domaincontroller,DC=net" />
<add name="DefaultConnection" providerName="System.Data.SqlClient" connectionString="Data Source=(LocalDb)\v11.0;Initial Catalog=aspnet-CentralLogin-20131227090301;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnet-CentralLogin-20131227090301.mdf" />
<add name="DBConnection" connectionString="Data Source=server;Initial Catalog=db;Integrated Security=True" providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<customErrors mode="On" defaultRedirect="~/ErrorPages/Oops.aspx">
<error statusCode="401" redirect="~/ErrorPages/UnauthorizedAccess.aspx"/>
<error statusCode="403" redirect="~/ErrorPages/Forbidden.aspx"/>
<error statusCode="404" redirect="~/ErrorPages/PageNotFound.aspx" />
<error statusCode="406" redirect="~/ErrorPages/NoAcceptable.aspx" />
<error statusCode="412" redirect="~/ErrorPages/PreconditionFailed.aspx" />
<error statusCode="500" redirect="~/ErrorPages/InternalServerError.aspx" />
<error statusCode="501" redirect="~/ErrorPages/NotImplemented.aspx" />
<error statusCode="502" redirect="~/ErrorPages/BadGateway.aspx" />
</customErrors>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<pages>
<namespaces>
<add namespace="System.Web.Optimization" />
</namespaces>
<controls>
<add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt" />
<add tagPrefix="ajaxToolkit" assembly="AjaxControlToolkit" namespace="AjaxControlToolkit" />
</controls>
</pages>
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" name="ADAuthCookie" timeout="60" defaultUrl="~/Dashboard.aspx" />
</authentication>
<sessionState timeout="60" mode="InProc" cookieless="false" />
<machineKey validationKey="F4C71E2764B15C6" decryptionKey="058908ECF9ABEA546C9F626E" validation="SHA1" decryption="AES" />
<profile defaultProvider="DefaultProfileProvider">
<providers>
<add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</profile>
<membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
<providers>
<clear />
<!--Membership provider for Active Directory-->
<add name="AspNetActiveDirectoryMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADService" attributeMapUsername="sAMAccountName" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="ADRoleProvider" cacheRolesInCookie="true" cookieName=".ASPXROLES" cookiePath="/" cookieTimeout="60" cookieRequireSSL="false" cookieSlidingExpiration="true" createPersistentCookie="false" cookieProtection="All">
<providers>
<clear />
<add name="ADRoleProvider" connectionStringName="ADConnectionString" connectionUsername="username" connectionPassword="password" attributeMapUsername="sAMAccountName" type="ActiveDirectoryRoleProvider"/>
</providers>
</roleManager>
</system.web>
<location path="Dashboard.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="About.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<location path="Reporting/Payroll/StorePayroll.aspx">
<system.web>
<authorization>
<allow roles="SoftwareDevelopers,IntranetManagers"/>
<deny users="*" />
</authorization>
</system.web>
</location>
<system.webServer>
<httpErrors existingResponse="Replace">
<remove statusCode="502" subStatusCode="-1" />
<remove statusCode="501" subStatusCode="-1" />
<remove statusCode="500" subStatusCode="-1" />
<remove statusCode="412" subStatusCode="-1" />
<remove statusCode="406" subStatusCode="-1" />
<remove statusCode="405" subStatusCode="-1" />
<remove statusCode="403" subStatusCode="-1" />
<remove statusCode="401" subStatusCode="-1" />
<remove statusCode="404" subStatusCode="-1" />
<!--redirects to error pages -->
</httpErrors>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="DotNetOpenAuth.Core" publicKeyToken="2780ccd10d57b246" />
<bindingRedirect oldVersion="1.0.0.0-4.0.0.0" newVersion="4.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="DotNetOpenAuth.AspNet" publicKeyToken="2780ccd10d57b246" />
<bindingRedirect oldVersion="0.0.0.0-4.1.0.0" newVersion="4.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="EntityFramework" publicKeyToken="b77a5c561934e089" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.0.0.0" newVersion="5.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.WindowsAzure.Storage" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-2.1.0.4" newVersion="2.1.0.4" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="AjaxMin" publicKeyToken="21ef50ce11b5d80f" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.6.5100.19196" newVersion="5.6.5100.19196" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework">
<parameters>
<parameter value="v11.0" />
</parameters>
</defaultConnectionFactory>
</entityFramework>
</configuration>
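Thanks for any help. Let me know if more information is needed.
UPDATE: How I solved the problem using Wiktor Zychla's suggestion
I placed this in the button's Click handler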
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, "TheDomain"))
{
    // validate the credentials
    bool isValid = pc.ValidateCredentials("myuser", "mypassword", ContextOptions.Negotiate);
    if (isValid == false)
    {
        FormsAuthentication.SetAuthCookie(User.Identity.Name.ToString(), false);
    }
}
I would have thought isValid == true would work, but it doesn't. However, isValid == false does work, so I went with it.
FormsAuthentication.SetAuthCookie(User.Identity.Name.ToString(), false);
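sets the authentication cookie. There is no if in front of it! This means that the very first time you raise this event, you unconditionally authenticate whoever has been authenticated so far. Who is that? No one, hence the "no one".
This means you issue a forms cookie for an empty user name. The second time you submit the page, the cookie is present in the request, so the forms module correctly identifies an authenticated user.
What you want is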
protected void btnLogin_Click(object sender, EventArgs e)
{
    if ( username_password_pair_is_correct )
        FormsAuthentication.SetAuthCookie(User.Identity.Name.ToString(), false);
}
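In a real scenario, the pair should be validated against AD (this is not difficult; a Google search will help you).
Very nice explanation. Makes sense. Thanks for your help!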
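An added example, not code from the question or the answer: a login handler that issues the forms cookie only when AD accepts the submitted pair, and names the ticket after the submitted account rather than User.Identity.Name, which is still empty on an anonymous request. The class name Login and the controls txtUsername, txtPassword and lblError are hypothetical; "TheDomain" is the placeholder from the question's update.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class Login : Page
{
    // Hypothetical controls; declared here on the assumption that there is no designer file.
    protected TextBox txtUsername;
    protected TextBox txtPassword;
    protected Label lblError;

    protected void btnLogin_Click(object sender, EventArgs e)
    {
        string username = txtUsername.Text.Trim();
        string password = txtPassword.Text;

        if (IsValidAdLogin(username, password))
        {
            // The ticket carries the validated, submitted name.
            // User.Identity.Name is empty here because this request is anonymous.
            FormsAuthentication.SetAuthCookie(username, false);
            Response.Redirect(FormsAuthentication.GetRedirectUrl(username, false));
            return;
        }

        // Failure path: no cookie is issued and any stale ticket is cleared,
        // so a second submit cannot arrive already "authenticated".
        FormsAuthentication.SignOut();
        lblError.Text = "Invalid user name or password.";
    }

    // Returns true only when the domain accepts the submitted pair.
    private static bool IsValidAdLogin(string username, string password)
    {
        // Blank input never reaches the directory or SetAuthCookie.
        if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
            return false;

        using (var pc = new PrincipalContext(ContextType.Domain, "TheDomain"))
        {
            return pc.ValidateCredentials(username, password, ContextOptions.Negotiate);
        }
    }
}
```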