1. 首頁
  2. 問答
  3. Umbraco 7自定義會員和角色提供商

Umbraco 7自定義會員和角色提供商

2015-04-17 127 views
4

我經歷了10年的文檔,我正在做正確的事情,但我相信這是我錯過的一個小細節。Umbraco 7自定義會員和角色提供商

我想用我自己的登錄機制登錄我的網站。登錄機制位於身份服務器中進行單點登錄。

但我想在umbraco中使用公共訪問功能,所以我從我的本地數據庫添加角色。通過改變配置文件

<roleManager enabled="true" defaultProvider="UmbracoRoleProvider"> 
     <providers> 
     <clear /> 
     <add name="UmbracoRoleProvider" type="rcsedWebServiceBLL.RCSEdRoleProvider" /> 
     </providers> 
    </roleManager>

貫徹RoleProvider

class RCSEdRoleProvider : RoleProvider 
    { 
     private string _ApplicationName = "UmbracoRoleProvider"; 
     public override void AddUsersToRoles(string[] usernames, string[] roleNames) 
     { 
     throw new NotImplementedException(); 
    } 

    public override string ApplicationName 
    { 
     get { return _ApplicationName; } 
     set 
     { 
      if(string.IsNullOrEmpty(value)) 
       throw new ProviderException("ApplicationName Cacnnot be Empty"); 

      if(value.Length > 0x100) 
       throw new ProviderException("provider application name too long"); 

      _ApplicationName = value; 
     } 
    } 

    public override void CreateRole(string roleName) 
    { 
     throw new NotImplementedException(); 
    } 

    public override bool DeleteRole(string roleName, bool throwOnPopulatedRole) 
    { 
     throw new NotImplementedException(); 
    } 

    public override string[] FindUsersInRole(string roleName, string usernameToMatch) 
    { 
     throw new NotImplementedException(); 
    } 

    public override string[] GetAllRoles() 
    { 
     return UBISRoles.GetRoleList(); 
    } 

    public override string[] GetRolesForUser(string username) 
    { 
     // code to return user role access 
     try 
     { 
      //ool isAuthenticateSession = RCSEd.UolsSecurity.CommonFunctions.CheckAuthenticateSessionOrNot(); 

      if (HttpContext.Current.Session["UOSStudent"] != null) 
      { 
       return (String[])HttpContext.Current.Session["userRoles"]; 
      } 
      else 
      { 
       List<String> retval = new List<string>(); 
       retval.Add("Public"); 
       return retval.ToArray(); 
      } 
     } 
     catch (Exception ex) 
     { 
      // AppLogWriter _objApplog = new AppLogWriter(); 
      // _objApplog.WriteLogMessages(ex.Message.ToString()); 
      //TODO catch Error 
      List<String> retval = new List<string>(); 
      retval.Add("Public"); 
      return retval.ToArray(); 
     } 

    } 

    public override string[] GetUsersInRole(string roleName) 
    { 
     throw new NotImplementedException(); 
    } 

    public override bool IsUserInRole(string username, string roleName) 
    { 
     try 
     { 
      foreach (String role in (String[])HttpContext.Current.Session["userRoles"]) 
      { 
       if (String.Compare(role, roleName, true) == 0) 
        return true; 
      } 


      return false; 

     } 
     catch { } 

     return false; 

    } 

    public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames) 
    { 
     throw new NotImplementedException(); 
    } 

    public override bool RoleExists(string roleName) 
    { 

     foreach (string val in UBISRoles.GetRoleList()) 
     { 
      if (val == roleName) 
       return true; 
     } 

     return false; 
    } 
} 

class UBISRoles 
{ 
    private static string[] allroles = new string[] { //"Public", 
    "MembershipCandidate", 
     "MembershipMember" 
     }; 


    public static string[] GetRoleList() 
    { 
     return allroles; 
    } 



    public static void SetRoles(DataTable UBIsRolesResultsTBL) 
    { 
     List<String> userRoles = new List<string>(); 

     DataRow rec = UBIsRolesResultsTBL.Rows[0]; 


     switch (rec["Membership"].ToString()) 
     { 

      case "member": 
       userRoles.Add("MembershipMember"); 
       break; 
      case "pending member": 
       userRoles.Add("MembershipPending");//add 
       break; 
      case "public": 
       userRoles.Add("MembershipPublic");//add 
       break; 

     } 






     HttpContext.Current.Session["userRoles"] = userRoles.ToArray(); 

    } 

    private static void CheckSimpleFieldVal(List<String> userRoles, DataRow rec, string roleName) 
    { 
     try 
     { 
      if (string.Compare(rec[roleName].ToString(), "YES", true) == 0) 
       userRoles.Add(roleName); 

     } 
     catch (Exception ex) 
     { 
      string msg = ex.Message; 

     } 

    } 

    private static void CheckSimpleFieldValV2(List<String> userRoles, DataRow rec, string roleName) 
    { 
     try 
     { 
      if (string.Compare(rec[roleName].ToString(), "1", true) == 0) 
       userRoles.Add(roleName); 

     } 
     catch (Exception ex) 
     { 
      string msg = ex.Message; 

     } 

    } 

}

而這個工作正常,一切都被裝在會員羣體一把umbraco內勤。

但是,當我嘗試實現MembershipProvider時,我覺得事情不起作用。 web配置是這個樣子

<membership defaultProvider="UmbracoMembershipProvider" userIsOnlineTimeWindow="15"> 
     <providers> 
     <clear /> 
     <add name="UmbracoMembershipProvider" type="rcsedWebServiceBLL.RCSEdMembershipProvide" /> 
     <add name="UsersMembershipProvider" type="Umbraco.Web.Security.Providers.UsersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="4" useLegacyEncoding="true" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" passwordFormat="Hashed" /> 
     </providers> 
    </membership>

而且Membershiprovider類這個樣子的

class RCSEdMembershipProvide : MembershipProvider 
    { 
     string connectionStringName; 
     private string _ApplicationName = "UmbracoMembershipProvider"; 
     public override void Initialize(string name, System.Collections.Specialized.NameValueCollection config) 
     { 
     base.Initialize(name, config); 

     /* if (config["ConnectionStringName"] != null) 
      connectionStringName = config["connectionStringName"];*/ 




    } 

    public override string ApplicationName 
    { 
     get { return _ApplicationName; } 
     set 
     { 
      if (string.IsNullOrEmpty(value)) 
       throw new ProviderException("ApplicationName Cacnnot be Empty"); 

      if (value.Length > 0x100) 
       throw new ProviderException("provider application name too long"); 

      _ApplicationName = value; 
     } 
    } 

    public override bool ChangePassword(string username, string oldPassword, string newPassword) 
    { 
     throw new NotImplementedException(); 
    } 

    public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) 
    { 
     throw new NotImplementedException(); 
    } 

    public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) 
    { 
     throw new NotImplementedException(); 
    } 

    public override bool DeleteUser(string username, bool deleteAllRelatedData) 
    { 
     throw new NotImplementedException(); 
    } 

    public override bool EnablePasswordReset 
    { 
     get { throw new NotImplementedException(); } 
    } 

    public override bool EnablePasswordRetrieval 
    { 
     get { throw new NotImplementedException(); } 
    } 

    public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords) 
    { 
     throw new NotImplementedException(); 
    } 

    public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) 
    { 
     throw new NotImplementedException(); 
    } 

    public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) 
    { 
     throw new NotImplementedException(); 
    } 

    public override int GetNumberOfUsersOnline() 
    { 
     throw new NotImplementedException(); 
    } 

    public override string GetPassword(string username, string answer) 
    { 
     throw new NotImplementedException(); 
    } 

    public override MembershipUser GetUser(string username, bool userIsOnline) 
    { 
     try 
     { 
      User user = (User)HttpContext.Current.Session["user"]; 
      if (user != null) 
       return new MembershipUser("RCSEdMembershipProvider", user.DisplayName, username, user.Email, "", "", true, false, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now); 
      else 
       return null; 

     } 
     catch 
     { 
      return null; 
     } 
    } 

    public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) 
    { 
     try 
     { 
      User user = (User)HttpContext.Current.Session["user"]; 

      if (user != null) 
       return new MembershipUser("RCSEdMembershipProvider", user.DisplayName, providerUserKey, user.Email, "", "", true, false, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now); 
      else 
       return null; 
     } 
     catch 
     { 

      return null; 
     } 
    } 

    public override string GetUserNameByEmail(string email) 
    { 
     throw new NotImplementedException(); 
    } 

    public override int MaxInvalidPasswordAttempts 
    { 
     get { throw new NotImplementedException(); } 
    } 

    public override int MinRequiredNonAlphanumericCharacters 
    { 
     get { throw new NotImplementedException(); } 
    } 

    public override int MinRequiredPasswordLength 
    { 
     get { throw new NotImplementedException(); } 
    } 

    public override int PasswordAttemptWindow 
    { 
     get { throw new NotImplementedException(); } 
    } 

    public override MembershipPasswordFormat PasswordFormat 
    { 
     get { throw new NotImplementedException(); } 
    } 

    public override string PasswordStrengthRegularExpression 
    { 
     get { throw new NotImplementedException(); } 
    } 

    public override bool RequiresQuestionAndAnswer 
    { 
     get { throw new NotImplementedException(); } 
    } 

    public override bool RequiresUniqueEmail 
    { 
     get { throw new NotImplementedException(); } 
    } 

    public override string ResetPassword(string username, string answer) 
    { 
     throw new NotImplementedException(); 
    } 

    public override bool UnlockUser(string userName) 
    { 
     throw new NotImplementedException(); 
    } 

    public override void UpdateUser(MembershipUser user) 
    { 
     throw new NotImplementedException(); 
    } 

    public override bool ValidateUser(string username, string password) 
    { 


     return true; 
    } 
}

我甚至把的ValidateUser是真正的所有時間。

因此,當用戶登錄到我的身份服務器時,我加載了HttpContext.Current.Session["userRoles"]中的用戶角色,並限制了我的網頁的公共訪問權限並將用戶重定向到正確的頁面。

當用戶沒有登錄時,用戶被重定向到登錄頁面,但是當用戶返回並且他/她的角色被加載並嘗試訪問受限制的頁面時,會員供應商ValidateUser不會被擊中並且用戶被一次又一次重定向回登錄頁面。

PS。我正在使用umbraco 7.1.3

對不起,但我想覆蓋我所有的步驟。先謝謝你。

來源

2015-04-17 dori naji

+0

您對登錄的看法如何? –

+0

你能解釋一下你是什麼意思?這是一個正常的登錄頁面。但正如我上面提到的,它設置在一個不同的項目中,因爲它是架構的單一標誌。 –

回答

1

不能評論,所以它會回答:)希望這會有所幫助。我的例子是基於用戶使用umbraco登錄,你想要一個外部提供商處理成員登錄。如果是相反的道歉,我表示歉意。

我在umbraco 7.2中都有一個角色提供者和用戶提供者我希望你可以使用我的實現來比較。這個對我有用。

Web.config文件看起來像:

<membership defaultProvider="UmbracoMembershipProvider" userIsOnlineTimeWindow="15"> 
     <providers> 
     <clear/> 
     <!--<add name="UmbracoMembershipProvider" type="Umbraco.Web.Security.Providers.MembersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="4" useLegacyEncoding="true" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Member" passwordFormat="Hashed" />--> 
     <add name="UsersMembershipProvider" type="Umbraco.Web.Security.Providers.UsersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="4" useLegacyEncoding="true" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" passwordFormat="Hashed"/> 
     <add name="UmbracoMembershipProvider" type="XXX.Model.Membership.SAPMembershipProvider" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="_umbracoSystemDefaultProtectType" passwordFormat="Hashed"/> 
     </providers> 
    </membership> 
    <!-- Role Provider --> 
    <roleManager enabled="true" defaultProvider="UmbracoRoleProvider"> 
     <providers> 
     <clear/> 
     <add name="UmbracoRoleProvider" type="XXX.Model.Membership.SAPRoleProvider"/> 
     <!--<add name="UmbracoRoleProvider" type="Umbraco.Web.Security.Providers.MembersRoleProvider"/>--> 
     </providers> 
    </roleManager>

我的角色提供看起來像這樣

public class SAPRoleProvider : Umbraco.Web.Security.Providers.MembersRoleProvider 
     { 

      public override bool IsUserInRole(string username, string roleName) 
      { 
       if (roleName.ToLower() == "standard") 
        return true; 
       else 
        return base.IsUserInRole(username, roleName); 
      } 
      public override string[] GetRolesForUser(string username) 
      { 
       return new[] { "Standard" }; 
      } 
     }

和成員資格提供這樣的:

public class SAPMembershipProvider : Umbraco.Web.Security.Providers.UsersMembershipProvider 
    { 
     public override bool ChangePassword(string username, string oldPassword, string newPassword) 
     { 
      ILoginService Loginss = new LoginService(); 
      return Loginss.ChangePassword(oldPassword, newPassword, username); 
     } 
     public override string ResetPassword(string username, string answer) 
     { 
      ILoginService Loginss = new LoginService(); 
      return Loginss.ResetPassword(username).ToString(); 
     } 
     public override MembershipUser GetUser(object providerUserKey, bool someonelinestuff) 
     { 
      return GetSapUser(providerUserKey); 
     } 


     /// <summary> 
     /// It is not the username but providerUserKey i ask for herem just to test since I am not sure what SAP want right now, regarding request of userdata 
     /// </summary> 
     /// <param name="providerUserKey"></param> 
     /// <param name="someonelinestuff"></param> 
     /// <returns></returns> 
     public override MembershipUser GetUser(string username, bool someonelinestuff) 
     { 
      return GetSapUser(username); 
     } 
     public SAPMembershipUser GetUser(string username) 
     { 
      return (SAPMembershipUser)GetUser(username, false); 
     } 

     public override bool ValidateUser(string username, string password) 
     { 
      try 
      { 
       ILoginService LoginS = new LoginService(); 
       SAPMembershipUser SU = LoginS.Login(username, password); 
       if (SU != null) 
       { 
        FrieLib.CacheHelper.StoreCache(username.ToLower(), SU,true,20); 
        return true; 
       } 
      } 
      catch { return false; } 
      return false; 
     } 


     protected override bool PerformChangePassword(string username, string oldPassword, string newPassword) 
     { 
      ILoginService Loginss = new LoginService(); 
      return Loginss.ChangePassword(oldPassword, newPassword, username); 
     } 
     private SAPMembershipUser GetSapUser(string username) 
     { 

      try 
      { 
       SAPMembershipUser SU = (SAPMembershipUser)FrieLib.CacheHelper.RetrieveCache(username.ToLower()); 
       if (SU != null) 
       { 
        return SU; 
       } 
       else 
       { 
        HttpContext.Current.Response.Redirect("/umbraco/Surface/MemberLoginSurface/MemberLogout"); 
       } 

      } 
      catch (Exception es) 
      { 
       HttpContext.Current.Response.Redirect("/umbraco/Surface/MemberLoginSurface/MemberLogout"); 
      } 
      return null; 
     } 
     private SAPMembershipUser GetSapUser(object providerUserKey) 
     { 
      return GetSapUser(providerUserKey.ToString()); 
     } 
    }

我有一個額外的步驟,我不知道你是否錯過了我確保最終用戶登錄的地方。

[HttpPost] 
     [ActionName("MemberLogin")] 
     public ActionResult MemberLoginPost(MemberLoginModel model) 
     { 
      if (Membership.ValidateUser(model.Username, model.Password)) 
      { 
       FormsAuthentication.SetAuthCookie(model.Username.ToLower(), model.RememberMe); 

        return RedirectToCurrentUmbracoUrl(); 
      } 
      else 
      { 
       TempData["Status"] = "danger"; 
       TempData["StatusMessage"] = "login_fail_message"; 
       return RedirectToCurrentUmbracoPage(); 
      } 
     }

我希望它有幫助。

來源

2015-04-22 14:27:39

+0

您好,感謝您的回答,我有一個類似的實現,但要了解您的情況,如果用戶登錄您正在檢查用戶名和密碼對自己的數據庫,而不是umbraco? –

+0

是的,用戶存儲在SAP中,因此它是一個外部系統。 SAPMembershipUser只是從System.Web.Security.MembershipUser繼承而來。我的想法是,也許你錯過了FormsAuthentication.SetAuthCookie,或者你的ApplicationName或initialize的實現是不明智的。只是一個想法。你應該能夠接受我寫的東西,並取代SAPMembershipUser SU = LoginS.Login(用戶名,密碼);用你自己的代碼... FrieLib.CacheHelper.StoreCache(username.ToLower(),SU,true,20);意味着我緩存服務器上的用戶,所以我可以讓他再次在GetSapUser –

+0

我看到,我也注意到你正在實現Umbraco.Web.Security.Providers.MembersRoleProvider,但我正在實施的asp.net membershipprovider。你認爲這是問題嗎? ps:我在我的登錄中設置authcookie。 –

相關問題

 相關問題