步驟:
1. 登錄時手動設置FormsAuthenticationTicket,代碼如下:
// 可手動添加FormsAuthenticationTicket
FormsAuthenticationTicket Ticket = new FormsAuthenticationTicket(1, "username", DateTime.Now, DateTime.Now.AddMinutes(20), false, "admin");
// 加密
string HashTicket = FormsAuthentication.Encrypt(Ticket);
// 生成cookie
HttpCookie UserCookie = new HttpCookie(FormsAuthentication.FormsCookieName, HashTicket);
// 身份驗證票Cookie輸出到客戶端
Response.Cookies.Add(UserCookie);
2.在Global中增加以下代碼:
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
//Construst the GeneralPrincipal and FormsIdentity objects
HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (null == authCookie)
{
//no authentication cokie present
return;
}
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
if (null == authTicket)
{
//could not decrypt cookie
return;
}
//get the role
string[] role = authTicket.UserData.Split(new char[] { ',' });
FormsIdentity id = new FormsIdentity(authTicket);
Context.User = new GenericPrincipal(id, role);
}
這樣,我們在程序中就可以使用[Authorize(Roles="admin")]進行驗證了。
轉載於http://www.lishango.com http://www.cnblogs.com/wangjq/archive/2011/03/08/1977205.html