我需要在我的Web应用程序中实现自己的自定义提供程序。部分成功实施后,我正在寻找以下问题的答案:
我发现某些功能我错过了覆盖,而且我认为我也同样使用了RoleProvider。如果有任何完整的清单或那么......那一定会帮助我
答案 0 :(得分:3)
1)我需要在我的应用程序中覆盖哪些功能
您主要需要覆盖GetUser和ValidateUser,以便成员资格提供程序使用Login Control。其余的是可选的。
public class CustomMembershipProvider : MembershipProvider
{
public override MembershipUser GetUser(string username, bool userIsOnline)
{
throw new NotImplementedException();
}
public override bool ValidateUser(string username, string password)
{
throw new NotImplementedException();
}
}
2)我需要继承哪些类。到目前为止,我使用了类: MemberShipProvider,RoleProvider。
MembershipProvider是必须的。如果要按角色授权用户,则需要实现RoleProvider。
3)ASP.NET可以自动连接到我的正确表 数据库。这有什么设置吗?比如指定默认值 表名?
您要覆盖成员资格提供程序的原因是您希望使用您创建的自定义表。您负责从数据库返回数据;成员资格提供者不再需要知道您的表的名称。因此,答案是否定的 - 没有设置。
4)是否有任何内置功能可将密码设置为Salted Hash? 或者我需要自己实现这个?
以下是成员资格提供程序用于生成哈希密码的方法 -
private static string GenerateSalt()
{
byte[] numArray = new byte[16];
(new RNGCryptoServiceProvider()).GetBytes(numArray);
string base64String = Convert.ToBase64String(numArray);
return base64String;
}
private string EncodePassword(string pass, int passwordFormat, string salt)
{
byte[] numArray;
byte[] numArray1;
string base64String;
bool length = passwordFormat != 0;
if (length)
{
byte[] bytes = Encoding.Unicode.GetBytes(pass);
byte[] numArray2 = Convert.FromBase64String(salt);
byte[] numArray3 = null;
HashAlgorithm hashAlgorithm = HashAlgorithm.Create(Membership.HashAlgorithmType);
if (hashAlgorithm as KeyedHashAlgorithm == null)
{
numArray1 = new byte[(int) numArray2.Length + (int) bytes.Length];
Buffer.BlockCopy(numArray2, 0, numArray1, 0, (int) numArray2.Length);
Buffer.BlockCopy(bytes, 0, numArray1, (int) numArray2.Length, (int) bytes.Length);
numArray3 = hashAlgorithm.ComputeHash(numArray1);
}
else
{
KeyedHashAlgorithm keyedHashAlgorithm = (KeyedHashAlgorithm) hashAlgorithm;
if (keyedHashAlgorithm.Key.Length != numArray2.Length)
{
if (keyedHashAlgorithm.Key.Length >= (int) numArray2.Length)
{
numArray = new byte[(int) keyedHashAlgorithm.Key.Length];
int num = 0;
while (true)
{
length = num < (int) numArray.Length;
if (!length)
{
break;
}
int num1 = Math.Min((int) numArray2.Length, (int) numArray.Length - num);
Buffer.BlockCopy(numArray2, 0, numArray, num, num1);
num = num + num1;
}
keyedHashAlgorithm.Key = numArray;
}
else
{
numArray = new byte[(int) keyedHashAlgorithm.Key.Length];
Buffer.BlockCopy(numArray2, 0, numArray, 0, (int) numArray.Length);
keyedHashAlgorithm.Key = numArray;
}
}
else
{
keyedHashAlgorithm.Key = numArray2;
}
numArray3 = keyedHashAlgorithm.ComputeHash(bytes);
}
base64String = Convert.ToBase64String(numArray3);
}
else
{
base64String = pass;
}
return base64String;
}
5)WAT工具对我有帮助或者它将受到限制 功能,因为我发现它可能至少在调试方面有帮助吗?
是的,您仍然可以使用网站管理工具,但这取决于您覆盖的那些方法。
例如,如果您不覆盖角色提供者,则将用户分配给角色将无法正常工作。
http://www.asp.net/general/videos/how-do-i-create-a-custom-membership-provider http://www.davidhayden.com/blog/dave/archive/2007/10/11/CreateCustomMembershipProviderASPNETWebsiteSecurity.aspx http://www.shiningstar.net/aspnet_articles/customprovider/CustomProvider.aspx http://www.devx.com/asp/Article/29256/0/page/3 http://www.15seconds.com/issue/050216.htm http://www.codeproject.com/KB/aspnet/CustomMembershipProviders.aspx http://www.codeproject.com/KB/aspnet/WSSecurityProvider.aspx