User Permission and Role Verification

Published 2013-10-27


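A while ago I took part in a web design competition for my class, and used it as a chance to learn some ASP.NET. Since what I wrote was a blog, I added an admin back end, user permission management, and similar features.
First, register the role provider in Web.config: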

  <system.web>
    <roleManager defaultProvider="MyRoleProvider" enabled="true" cacheRolesInCookie="true" cookieName=".ASPROLES" cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All" >
      <providers>
        <clear />
        <add name="MyRoleProvider" type="blog1.MyRoleProvider" writeExceptionsToEventLog="false" />
      </providers>
    </roleManager>
  </system.web>

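Next, write MyRoleProvider by hand, inheriting from System.Web.Security.RoleProvider. Because only roles matter here, only GetRolesForUser needs to be overridden; all the other members can simply throw.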

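using System;
using System.Web;
using System.Web.Security;

public class MyRoleProvider : System.Web.Security.RoleProvider
    {
        // Roles come from the UserData field of the current request's forms
        // authentication ticket; the username argument is not used.
        public override string[] GetRolesForUser(string username)
        {
            FormsIdentity Id = HttpContext.Current.User.Identity as FormsIdentity;
            if (Id != null)
            {
                // Skip empty entries so an empty UserData does not yield a "" role.
                return Id.Ticket.UserData.Split(new Char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
            }
            // No forms ticket: return an empty array, since callers enumerate the result.
            return new string[0];
        }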
        public override void AddUsersToRoles(string[] usernames, string[] roleNames)
        {
            throw new NotImplementedException();
        }
        public override void CreateRole(string roleName)
        {
            throw new NotImplementedException();
        }

        public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
        {
            throw new NotImplementedException();
        }

        public override string[] FindUsersInRole(string roleName, string usernameToMatch)
        {
            throw new NotImplementedException();
        }

        public override string[] GetAllRoles()
        {
            throw new NotImplementedException();
        }

        public override string[] GetUsersInRole(string roleName)
        {
            throw new NotImplementedException();
        }

        public override bool IsUserInRole(string username, string roleName)
        {
            throw new NotImplementedException();
        }

        public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
        {
            throw new NotImplementedException();
        }

        public override bool RoleExists(string roleName)
        {
            throw new NotImplementedException();
        }

        public override string ApplicationName
        {
            get
            {
                throw new NotImplementedException();
            }
            set
            {
                throw new NotImplementedException();
            }
        }
    }

After the login has been verified, write the cookie:

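// role: comma-separated role names of the verified user (for example "Admins"), looked up on the server.
// A separate SetAuthCookie call is not needed: it would emit a second cookie with the same name but no roles.
// The roles travel in the ticket's UserData; Encrypt protects the ticket per the <forms protection> setting.
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, Login1.UserName, DateTime.Now, DateTime.Now.AddMinutes(20), false, role, FormsAuthentication.FormsCookiePath);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
cookie.Path = FormsAuthentication.FormsCookiePath;
cookie.HttpOnly = true;                          // keep the ticket out of reach of page scripts
cookie.Secure = FormsAuthentication.RequireSSL;  // follow the <forms requireSSL> setting
// write to client.
Response.Cookies.Add(cookie);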

For any area that needs to be protected, just add the following to Web.config:

  <location path="Admin">
    <system.web>
      <authorization>
        <allow roles="Admins"/>
        <deny users="*"/>
      </authorization>
    </system.web>
  </location>

Here * means all users and ? means anonymous users.
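
The rules in the block above are checked top to bottom and the first match decides, so the order of allow and deny matters. The console program below is an added example, not code from the original post and not ASP.NET's own implementation: a simplified model of that evaluation. The names Rule, UrlAuthDemo and IsAllowed and the sample users are assumptions made for the illustration.

```csharp
// Added example: simplified model of first-match URL authorization (not ASP.NET's code).
using System;
using System.Collections.Generic;
using System.Linq;

class Rule
{
    public bool Allow;          // true = <allow>, false = <deny>
    public string[] Users = {}; // values of users="..."
    public string[] Roles = {}; // values of roles="..."
    public bool Matches(string user, string[] userRoles)
    {
        bool anonymous = string.IsNullOrEmpty(user);
        foreach (string u in Users)
        {
            if (u == "*") return true;               // everyone
            if (u == "?" && anonymous) return true;  // anonymous users only
            if (!anonymous && string.Equals(u, user, StringComparison.OrdinalIgnoreCase)) return true;
        }
        return Roles.Any(r => userRoles.Contains(r, StringComparer.OrdinalIgnoreCase));
    }
}

static class UrlAuthDemo
{
    // Rules are checked top to bottom; the first rule that matches decides.
    public static bool IsAllowed(IEnumerable<Rule> rules, string user, string[] userRoles)
    {
        foreach (Rule rule in rules)
            if (rule.Matches(user, userRoles)) return rule.Allow;
        return true; // inherited default when nothing matches: <allow users="*"/>
    }

    static void Main()
    {
        var pageOrder = new[] { new Rule { Allow = true, Roles = new[] { "Admins" } },
                                new Rule { Allow = false, Users = new[] { "*" } } };
        var reversed = Enumerable.Reverse(pageOrder).ToArray(); // <deny users="*"/> first
        // Constructed sample users: name (null = anonymous) and the ticket's UserData string.
        var samples = new[] { Tuple.Create("alice", "Admins,Editors"), Tuple.Create("bob", "Editors"),
                              Tuple.Create((string)null, "") };
        foreach (var s in samples)
        {
            string[] roles = s.Item2.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
            Console.WriteLine("{0,-6} page order: {1,-5} reversed: {2}", s.Item1 ?? "(anon)",
                IsAllowed(pageOrder, s.Item1, roles), IsAllowed(reversed, s.Item1, roles));
        }
    }
}
```

With the order used on this page only the Admins member gets through; with the two rules swapped, the deny rule matches first and even Admins are locked out of the Admin path.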

Last updated 2013-10-27