我在.NET 4.5中的ASP.NET Web Forms中使用Windows身份基础和表单身份验证 如何将WIF表单身份验证与我的自定义成员资格提供程序和web.config中定义的自定义角色提供程序结合使用?
我想使用我的自定义成员资格提供程序从SQL DB加载其他用户信息,例如电子邮件,生日,头像iamge。 我想使用我的自定义角色提供程序从SQL DB中获取所有用于身份验证的用户的角色。
我的身份验证方法Authenticate(userName,password)是从Login.aspx LoginButtonClick调用的:
public static ClaimsPrincipal Authenticate(string userName, string password)
{
var principal = AuthenticateWindowsUser(userName, password);
var inputIdentity = (WindowsIdentity)principal.Identity;
var outputIdentity = new ClaimsIdentity(inputIdentity.AuthenticationType);
outputIdentity.AddClaim(new Claim(ClaimTypes.Name, inputIdentity.Name));
return new ClaimsPrincipal(outputIdentity);
}
private static WindowsPrincipal AuthenticateWindowsUser(string userName, string password)
{
try
{
SecurityToken securityToken = new UserNameSecurityToken(userName, password);
var handlers = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.SecurityTokenHandlers;
//Uses default WindowsUserNameSecurityTokenHandler
return new WindowsPrincipal((WindowsIdentity)handlers.ValidateToken(securityToken)[0]);
}
catch (SecurityTokenValidationException ex)
{
ShowException(ex);
}
}
答案 0 :(得分:2)
假设提供的代码适合您,它应该是
public static ClaimsPrincipal Authenticate(string userName, string password)
{
var principal = AuthenticateWindowsUser(userName, password);
var inputIdentity = (WindowsIdentity)principal.Identity;
var outputIdentity = new ClaimsIdentity(inputIdentity.AuthenticationType);
outputIdentity.AddClaim(new Claim(ClaimTypes.Name, inputIdentity.Name));
// other information from the membership provider
var user = Membership.GetUser( userName ) );
outputIdentity.AddClaim( new Claim( ClaimTypes.Email, user.Email ) );
...
// roles from role provider
foreach ( string role in Roles.GetRolesForUser( userName ) )
outputIdentity.AddClaim( new Claim( ClaimTypes.Role, role ) );
return new ClaimsPrincipal(outputIdentity);
}