从sqhatasource中的auth ticket获取用户名,其中包含条件

时间:2012-07-21 10:55:58

标签: c# asp.net

登录时我有以下cookie:    if(Membership.ValidateUser(UserName.Text,Password.Text))             {                 string userData =“此用户的ApplicationSpecific数据。”; 

            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
              UserName.Text,
              DateTime.Now,
              DateTime.Now.AddMinutes(30),
              isPersistent,
              userData,
              FormsAuthentication.FormsCookiePath);

            // Encrypt the ticket.
            string encTicket = FormsAuthentication.Encrypt(ticket);

            // Create the cookie.
            Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
            FormsAuthentication.RedirectFromLoginPage(UserName.Text, isPersistent);
        }

在受保护的页面中,我解密了它:

 HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);

受保护页面中有一个gridview控件。

  • 当我选择从sqldatasource绑定gridview时,我需要 选择数据库,我可以使用'Where'子句。

例如:

Column : Username
Operator : =
Source : control/cookie/form/profile/queryString/session/route.

由于

,我选择了COOKIE 
forms auth ticket. and the cookie name from web.config:

     <forms name=".TEST"

但是无法正常工作我收到此错误:

Server Error in '/' Application.
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>


Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
    </system.web>

1 个答案:

答案 0 :(得分:0)

您可以将以下内容添加到web.config 

<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>

因为这会向您显示正在隐藏的错误消息。我们目前看到的通用“错误消息被拒绝”。

或者,您可能希望查看更好的错误处理系统,例如ELMAH,其中错误记录到数据库中,您仍然可以遇到限制性错误,但仍然可以作为开发人员查看它们是什么。

相关问题
最新问题