2015-05-28 102 views
0

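MVC login screen that validates against the server's Windows users

So here is my dilemma: I want to use Windows authentication, but not in the traditional sense. I need users to be able to give me the password for a predetermined user that exists on the server my IIS is running on. That user is a local user on that machine.

Setting MVC to Windows authentication causes that dreaded popup where you have to log in. I want to show them a nice login window in the style of my web application.

So my solution was to use Individual Accounts authentication. Now, that is not bad either; however, it uses EF and a database, and I don't want to store and maintain any passwords.

So, I found this code: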

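    // requires: using System.DirectoryServices.AccountManagement;
    using (var context = new PrincipalContext(ContextType.Machine, null))
    {
        // Validates against the local account store of this machine
        return context.ValidateCredentials(username, password);
    }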

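This won't be what I want, though. So how do I check whether the user is actually authenticated after navigating to another page?

I have used Individual User Accounts on other sites, where you can use [Authorize] as a way to do this. But I don't have a real model to validate against here.

Does anyone have an idea of how I can solve this? Or has anyone run into a similar situation?

Also, I understand there isn't much code here, but honestly I can't get far enough to actually show you guys anything worth posting.

Edit: Would sessions be the right way to go? Could I set a session variable for the login state and check it on every page? I would prefer another approach. (Cookies are a no-go.)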

Answers

1

Sessions would be the way to go. Also, have you considered using external authentication? That way you wouldn't need to maintain passwords. http://www.asp.net/web-pages/overview/security/enabling-login-from-external-sites-in-an-aspnet-web-pages-site

Most likely you need to use this guy: https://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication(v=vs.110).aspx Another link: http://www.codeproject.com/Articles/578374/AplusBeginner-splusTutorialplusonplusCustomplusF

Also, you can take a look at IAuthenticationManager in the auto-generated AccountController; it has some interesting methods, see whether you can reuse them.

     //
     // Summary: 
     //  Add information to the response environment that will cause the appropriate 
     //  authentication middleware to grant a claims-based identity to the recipient 
     //  of the response. The exact mechanism of this may vary. Examples include 
     //  setting a cookie, to adding a fragment on the redirect url, or producing 
     //  an OAuth2 access code or token response. 
     // 
     // Parameters: 
     // identities: 
     //  Determines which claims are granted to the signed in user. The ClaimsIdentity.AuthenticationType 
     //  property is compared to the middleware's Options.AuthenticationType value 
     //  to determine which claims are granted by which middleware. The recommended 
     //  use is to have a single ClaimsIdentity which has the AuthenticationType matching 
     //  a specific middleware. 
     void SignIn(params ClaimsIdentity[] identities); 
     // 
     // Summary: 
     //  Add information to the response environment that will cause the appropriate 
     //  authentication middleware to grant a claims-based identity to the recipient 
     //  of the response. The exact mechanism of this may vary. Examples include 
     //  setting a cookie, to adding a fragment on the redirect url, or producing 
     //  an OAuth2 access code or token response. 
     // 
     // Parameters: 
     // properties: 
     //  Contains additional properties the middleware are expected to persist along 
     //  with the claims. These values will be returned as the AuthenticateResult.properties 
     //  collection when AuthenticateAsync is called on subsequent requests. 
     // 
     // identities: 
     //  Determines which claims are granted to the signed in user. The ClaimsIdentity.AuthenticationType 
     //  property is compared to the middleware's Options.AuthenticationType value 
     //  to determine which claims are granted by which middleware. The recommended 
     //  use is to have a single ClaimsIdentity which has the AuthenticationType matching 
     //  a specific middleware. 
     void SignIn(AuthenticationProperties properties, params ClaimsIdentity[] identities); 

Usage could be something like this:

var userIdentity = await CreateUserIdentityAsync(user).WithCurrentCulture(); 

AuthenticationManager.SignIn(
       new AuthenticationProperties { IsPersistent = isPersistent }, 
       userIdentity); 
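
As an added example (not code from the question or the answer), the credential check from the question can be combined with the SignIn call quoted in the answer so that [Authorize] works on later requests. It assumes the OWIN cookie authentication middleware (Microsoft.Owin.Security.Cookies, hosted through Microsoft.Owin.Host.SystemWeb) is registered in Startup. The account name in AllowedUser, the Login view and the Home/Index redirect target are hypothetical.

```csharp
// Added example. Assumes Startup registers the cookie middleware, e.g.
// app.UseCookieAuthentication(new CookieAuthenticationOptions {
//     AuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
//     LoginPath = new PathString("/Account/Login") });
using System.DirectoryServices.AccountManagement;
using System.Security.Claims;
using System.Web;
using System.Web.Mvc;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;

public class AccountController : Controller
{
    // Hypothetical name of the predetermined local account on the IIS machine.
    private const string AllowedUser = "webapp-operator";

    [HttpPost, AllowAnonymous, ValidateAntiForgeryToken]
    public ActionResult Login(string password, string returnUrl)
    {
        bool valid;
        // ContextType.Machine checks the local account store of this server.
        using (var context = new PrincipalContext(ContextType.Machine))
        {
            valid = !string.IsNullOrEmpty(password)
                    && context.ValidateCredentials(AllowedUser, password);
        }
        if (!valid)
        {
            // Same message for every failure; the password is never stored.
            ModelState.AddModelError("", "Invalid login attempt.");
            ViewBag.ReturnUrl = returnUrl;
            return View();
        }

        // The AuthenticationType must match the middleware's, or no claims are granted.
        var identity = new ClaimsIdentity(
            new[] { new Claim(ClaimTypes.NameIdentifier, AllowedUser),
                    new Claim(ClaimTypes.Name, AllowedUser) },
            CookieAuthenticationDefaults.AuthenticationType);
        HttpContext.GetOwinContext().Authentication.SignIn(
            new AuthenticationProperties { IsPersistent = false }, identity);

        // Only follow local return URLs to avoid an open redirect.
        if (Url.IsLocalUrl(returnUrl)) return Redirect(returnUrl);
        return RedirectToAction("Index", "Home");
    }
}
```

Controllers or actions marked [Authorize] then see User.Identity.IsAuthenticated as true on subsequent requests, with no user database involved.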