ASP.NET Tutorial/Authentication Authorization/Login
Содержание
Performing Custom Authentication with the Login Control
By default, the Login control uses ASP.NET Membership to authenticate a username and password.
To change this default setting, you can handle the Login control"s Authenticate event.
To use a list of usernames and passwords in the web configuration file.
File: Web.config
<configuration>
<system.web>
<authentication mode="Forms">
<forms>
<credentials passwordFormat="Clear">
<user name="Bill" password="secret" />
<user name="Ted" password="secret" />
</credentials>
</forms>
</authentication>
</system.web>
</configuration>
File: LoginCustom.aspx
<%@ Page Language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
string userName = Login1.UserName;
string password = Login1.Password;
e.Authenticated = FormsAuthentication.Authenticate(userName, password);
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
<title>Login Custom</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Login
id="Login1"
OnAuthenticate="Login1_Authenticate"
Runat="server" />
</div>
</form>
</body>
</html>
Using a Template with the Login Control
<%@ Page Language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
<title>Login Template</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Login
id="Login1"
Runat="server">
<LayoutTemplate>
<asp:Label
id="FailureText"
EnableViewState="false"
CssClass="loginError"
Runat="server" />
<br />
<asp:Label
id="lblUserName"
AssociatedControlID="UserName"
Text="User Name:"
Runat="server" />
<br />
<asp:TextBox
id="UserName"
Runat="server" />
<br /><br />
<asp:Label
id="lblPassword"
AssociatedControlID="Password"
Text="Password:"
Runat="server" />
<br />
<asp:TextBox
id="Password"
TextMode="Password"
Runat="server" />
<br /><br />
<asp:Button
id="btnLogin"
Text="Login"
CommandName="Login"
Runat="server" />
</LayoutTemplate>
</asp:Login>
</div>
</form>
</body>
</html>
Using the Login server control on the Login.aspx page (C#)
<%@ Page Language="C#" %>
<script runat="server">
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
if (Login1.UserName == "A" && Login1.Password == "B") {
FormsAuthentication.RedirectFromLoginPage(Login1.UserName,
Login1.RememberMeSet);
}
else {
Response.Write("Invalid credentials");
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
<title>Login Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Login ID="Login1" runat="server" OnAuthenticate="Login1_Authenticate">
</asp:Login>
</div>
</form>
</body>
</html>
Using the Login server control on the Login.aspx page (VB)
<%@ Page Language="VB" %>
<script runat="server">
Protected Sub Login1_Authenticate(ByVal sender As Object, _
ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs)
If (Login1.UserName = "A" And Login1.Password = "B") Then
FormsAuthentication.RedirectFromLoginPage(Login1.UserName, _
Login1.RememberMeSet)
Else
Response.Write("Invalid credentials")
End If
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
<title>Login Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Login ID="Login1" runat="server" OnAuthenticate="Login1_Authenticate">
</asp:Login>
</div>
</form>
</body>
</html>