C# 无法使用formsauthentication获取当前的.User.Identity
我是asp.NETMVC2的新手。我通过做一个测试项目来学习mvc。 我正在使用formsauthentication登录我的网站。在登录期间,我可以登录到该网站,但我没有获得用户身份 我把它作为我的参考网站 在我的网络配置文件中C# 无法使用formsauthentication获取当前的.User.Identity,c#,asp.net,asp.net-mvc,C#,Asp.net,Asp.net Mvc,我是asp.NETMVC2的新手。我通过做一个测试项目来学习mvc。 我正在使用formsauthentication登录我的网站。在登录期间,我可以登录到该网站,但我没有获得用户身份 我把它作为我的参考网站 在我的网络配置文件中 <authentication mode="Forms"> <forms loginUrl="~/Home/login" defaultUrl="~/Home/login" cookieless="UseCookies" slidingE
<authentication mode="Forms">
<forms loginUrl="~/Home/login" defaultUrl="~/Home/login" cookieless="UseCookies" slidingExpiration="true" timeout="20" />
</authentication>
<%
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
%>
Welcome <b><%= Html.Encode(Page.User.Identity.Name) %></b>!
[ <%= Html.ActionLink("Log Off", "LogOff", "Account") %> ] |
<%
if(HttpContext.Current.User.IsInRole("Brand"))
{
%>
[ <%= Html.ActionLink("my bin", "Bin", "Brand") %> ] |
<%
}
else if (HttpContext.Current.User.IsInRole("Creative"))
{
%>
[ <%= Html.ActionLink("my bin", "Bin", "Creative") %> ] |
<%
}
}
else
{
%>
[ <%= Html.ActionLink("Log On", "LogOn", "Account") %> ]
<%
}
%>
欢迎
[ ] |
[ ] |
[ ] |
[ ]
我遗漏了什么吗?如何在cookie中保存用户详细信息,如用户ID和角色。\u identity=Thread.CurrentPrincipal.identity \u identity=Thread.CurrentPrincipal.identity 您链接到的文章是关于WebForms的。在ASP.NET MVC中,我建议您使用自定义的
[Authorize]登录看起来不错。你可以这样保存它。然后写入自定义授权属性:
public class MyAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var isAuthorized = base.AuthorizeCore(httpContext);
if (isAuthorized)
{
var cookie = httpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie != null)
{
var ticket = FormsAuthentication.Decrypt(cookie.Value);
var roles = ticket.UserData.Split(',');
var identity = new GenericIdentity(ticket.Name);
httpContext.User = new GenericPrincipal(identity, roles);
}
}
return isAuthorized;
}
}
[MyAuthorize]
public ActionResult Foo()
{
// here the this.User property will represent the custom principal
...
}
现在,使用此自定义属性装饰控制器/操作:
public class MyAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var isAuthorized = base.AuthorizeCore(httpContext);
if (isAuthorized)
{
var cookie = httpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie != null)
{
var ticket = FormsAuthentication.Decrypt(cookie.Value);
var roles = ticket.UserData.Split(',');
var identity = new GenericIdentity(ticket.Name);
httpContext.User = new GenericPrincipal(identity, roles);
}
}
return isAuthorized;
}
}
[MyAuthorize]
public ActionResult Foo()
{
// here the this.User property will represent the custom principal
...
}
现在需要点击Global.asax
您链接到的文章是关于WebForms的。在ASP.NET MVC中,我建议您使用自定义的[Authorize]
过滤器。您的登录看起来不错。你可以这样保存它。然后写入自定义授权属性:
public class MyAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var isAuthorized = base.AuthorizeCore(httpContext);
if (isAuthorized)
{
var cookie = httpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie != null)
{
var ticket = FormsAuthentication.Decrypt(cookie.Value);
var roles = ticket.UserData.Split(',');
var identity = new GenericIdentity(ticket.Name);
httpContext.User = new GenericPrincipal(identity, roles);
}
}
return isAuthorized;
}
}
[MyAuthorize]
public ActionResult Foo()
{
// here the this.User property will represent the custom principal
...
}
现在,使用此自定义属性装饰控制器/操作:
public class MyAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var isAuthorized = base.AuthorizeCore(httpContext);
if (isAuthorized)
{
var cookie = httpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie != null)
{
var ticket = FormsAuthentication.Decrypt(cookie.Value);
var roles = ticket.UserData.Split(',');
var identity = new GenericIdentity(ticket.Name);
httpContext.User = new GenericPrincipal(identity, roles);
}
}
return isAuthorized;
}
}
[MyAuthorize]
public ActionResult Foo()
{
// here the this.User property will represent the custom principal
...
}
现在需要触摸Global.asax