这个问题之所以存在,是因为它确实存在 具有历史意义,但事实并非如此 被认为是一个很好的主题问题 因为是本网站,所以请不要使用 作为证据,你可以问类似的问题 这里的问题。 更多信息:https://stackoverflow.com/faq
总有一些功能在边缘场景中很有用,但正是因为这个原因,大多数人都不知道它们。我要求的是课本上通常没有教过的特性。
你知道的是什么?
当前回答
If you use web services instead WCF services, you can still use standard .Net membership to enforce authentication and login session behaviour on a set web services similarly to a how you would secure web site with membership forms authentication & without the need for a special session and/or soap headers implementations by simply calling System.Web.Security.FormsAuthentication.SetAuthCookie(userName, false) [after calling Membership.ValidateUser(userName, password) of course] to create cookie in the response as if the user has logged in via a web form. Then you can retrieve this authentication cookie with Response.Cookies[].Value and return it as a string to the user which can be used to authenticate the user in subsequent calls by re-creating the cookie in the Application_BeginRequest by extracting the cookie method call param from the Request.InputStream and re-creating the auth cookie before the membership authenticates the request this way the membership provider gets tricked and will know the request is authenticated and enforce all its rules.
将此cookie返回给用户的示例web方法签名如下: 字符串登录(用户名、密码)
后续web方法调用示例如下: 字符串DoSomething(字符串authcookie,字符串methodParam1,int methodParam2等,等),你需要提取authcookie(这是从登录方法获得的值)参数从请求。InputStreamis
这也模拟了一个登录会话并调用FormsAuthentication。签出在web方法,如注销(authcookie)将 使用户需要再次登录。
其他回答
这似乎是一个巨大而模糊的问题…… 但我将在这里介绍Reflection,因为它允许我做一些非常强大的事情,如可插拔的DALs等。
Page对象上的ClientScript属性。
If you use web services instead WCF services, you can still use standard .Net membership to enforce authentication and login session behaviour on a set web services similarly to a how you would secure web site with membership forms authentication & without the need for a special session and/or soap headers implementations by simply calling System.Web.Security.FormsAuthentication.SetAuthCookie(userName, false) [after calling Membership.ValidateUser(userName, password) of course] to create cookie in the response as if the user has logged in via a web form. Then you can retrieve this authentication cookie with Response.Cookies[].Value and return it as a string to the user which can be used to authenticate the user in subsequent calls by re-creating the cookie in the Application_BeginRequest by extracting the cookie method call param from the Request.InputStream and re-creating the auth cookie before the membership authenticates the request this way the membership provider gets tricked and will know the request is authenticated and enforce all its rules.
将此cookie返回给用户的示例web方法签名如下: 字符串登录(用户名、密码)
后续web方法调用示例如下: 字符串DoSomething(字符串authcookie,字符串methodParam1,int methodParam2等,等),你需要提取authcookie(这是从登录方法获得的值)参数从请求。InputStreamis
这也模拟了一个登录会话并调用FormsAuthentication。签出在web方法,如注销(authcookie)将 使用户需要再次登录。
HttpContext。项作为请求级缓存工具
VS阻塞的有效语法:
<input type="checkbox" name="roles" value='<%# Eval("Name") %>'
<%# ((bool) Eval("InRole")) ? "checked" : "" %>
<%# ViewData.Model.IsInRole("Admin") ? "" : "disabled" %> />
推荐文章
- HTTP POST返回错误:417“期望失败。”
- 为什么Path。以Path.DirectorySeparatorChar开头的文件名合并不正确?
- c# .NET中的App.config是什么?如何使用它?
- String类中的什么方法只返回前N个字符?
- 我如何提高ASP。NET MVC应用程序性能?
- 无法解析类型为“Microsoft.AspNetCore.Http.IHttpContextAccessor”的服务
- 如何在没有任何错误或警告的情况下找到构建失败的原因
- Visual Studio弹出提示:“操作无法完成”
- 否ConcurrentList<T>在。net 4.0?
- 在c#中解析字符串为日期时间
- 由Jon Skeet撰写的《Singleton》澄清
- 自定义数字格式字符串始终显示符号
- Post参数始终为空
- string.ToLower()和string.ToLowerInvariant()
- 检查instance是否属于某个类型
