我正在为基于sharepoint表单的身份验证创建自定义登录页面。
默认页面有登录控件,登录控件有2种方法,登录和onauthorize。
登录获得用户ID,以后我需要它来验证外部短信提供商的短信。
我尝试使用Session执行此操作但我收到此错误
会话状态只能在enableSessionState设置为true时使用, 在配置文件中或在Page指令中。还请 确保System.Web.SessionStateModule或自定义会话状态 模块包含在\\中 应用程序配置中的部分。
代码
namespace Authentication.FBA2FA.CustomLogin.Layouts.Authentication.FBA2FA.CustomLogin
{
public partial class CustomLoginPage : FormsSignInPage
{
private string cellnumber;
private bool siCell;
AuthyClient client;
private string useridAuthy;
protected void Page_Load(object sender, EventArgs e)
{
}
protected void signInControl_Authenticate(object sender, AuthenticateEventArgs e)
{
SecurityToken token = null;
LoginControl formsLoginControl = sender as LoginControl;
TextBox txtphone = (TextBox)signInControl.FindControl("tbxPhone");
TextBox txtSecureCode = (TextBox)signInControl.FindControl("tbxSecureCode");
client = GetAuthyClient();
// I need to get the user id here.
var tokenresult = client.VerifyToken(Session["userid"].ToString(), txtSecureCode.Text);
if (tokenresult.Status != AuthyStatus.Success)
{
siCell = true;
}
else
{
siCell = false;
}
//bSendSms.Click += bSendSms_Click;
if (null != (token = GetSecurityToken(formsLoginControl)))
{
if (siCell)
{
EstablishSessionWithToken(token);
e.Authenticated = true;
base.RedirectToSuccessUrl();
}
else
{
e.Authenticated = false;
}
}
}
//private void bSendSms_Click(object sender, EventArgs e)
//{
//}
private SPIisSettings IisSettings
{
get
{
SPWebApplication webApp = SPWebApplication.Lookup(new Uri(SPContext.Current.Web.Url));
SPIisSettings settings = webApp.IisSettings[SPUrlZone.Default];
return settings;
}
}
private SecurityToken GetSecurityToken(LoginControl formsLoginControl)
{
SecurityToken token = null;
SPIisSettings iisSettings = IisSettings;
Uri appliesTo = base.AppliesTo;
if (string.IsNullOrEmpty(formsLoginControl.UserName) || string.IsNullOrEmpty(formsLoginControl.Password))
return null;
SPFormsAuthenticationProvider authProvider = iisSettings.FormsClaimsAuthenticationProvider;
token = SPSecurityContext.SecurityTokenForFormsAuthentication(
appliesTo,
authProvider.MembershipProvider,
authProvider.RoleProvider,
formsLoginControl.UserName,
formsLoginControl.Password);
return token;
}
protected void btnSms_Click(object sender, EventArgs e)
{
TextBox txtSecureCode = (TextBox)signInControl.FindControl("tbxSecureCode");
TextBox txtphone = (TextBox)signInControl.FindControl("tbxPhone");
int n;
bool isNumeric = int.TryParse(txtphone.Text, out n);
if (string.IsNullOrEmpty(txtphone.Text) && !isNumeric)
{
ClaimsFormsPageMessage.Text = "Please insert a cellphone number";
}
else
{
cellnumber = txtphone.Text;
client = GetAuthyClient();
var result = client.RegisterUser("univer.diego.s@gmail.com", cellnumber, 57);
useridAuthy = result.UserId;
// I need to set the user id here.
Session["userid"] = useridAuthy;
client.SendSms(result.UserId, true);
}
}
}
}
因为这是Sharepoint,我不确定我是否应该在Web应用程序的web.config中执行某些操作,以及它是否会对sharepoint本身造成任何损害。 非常感谢
答案 0 :(得分:1)
您可以在自定义页面上的Page指令中添加EnableSessionState="True",而不是修改SharePoint的web.config文件。
<%@ Page Language="C#" EnableSessionState="True" ... %>