发表新帖
发表新帖

Windows Authentication with ASP.NET MVC

后端 未结
关注
3 1041
悲&欢浪女
悲&欢浪女 2020-12-24 03:58

I\'ve built a custom login system for my asp.net mvc 1.0 web application as I store large amounts of user data for each user (I decided against trying to add custom tables f

相关标签:
3条回答
  • -上瘾入骨i
    2020-12-24 04:41

    If you have Windows Auth enabled on your site then you should be able to use User.Identity.Name to get their NT/Active Directory user name of the currently logged in user, and match that to a column in your users table.

    0 讨论(0)
  • 余生分开走
    2020-12-24 04:43

    If I am understanding your question correctly you want to add some other data linked to a Windows Authenticated user name?

    If so you will need to store the username and this custom information in a new table. The windows authentication data exists in Active Directory so you could look there to get a list of users. You will not get any custom information added to AD automatically when Windows authenticates the user. If you want any custom info you will need to add a custom lookup into AD for it or just lookup your custom data in your database depending on where you decide to store the information.

    Pretty much all you get with the Windows Authentication is the user's username and the ability to check the roles (AD groups) associated with that user. Anything beyond that you will need to manually code up.

    I recently asked about implementing customization beyond the built in security in MVC and came up with a solution on my own. Maybe there is some tidbits that might help you answer your question:

    How to implement authorization checks in ASP.NET MVC based on Session data?

    0 讨论(0)
  • 清歌不尽
    2020-12-24 04:48

    Here's how we've done it for a hybrid forms/windows authentication app:-

    public class MyBaseController
{
  protected override void OnAuthorization( AuthorizationContext authContext )
  {
    if
    (
      !User.Identity.IsAuthenticated &&
      Request.LogonUserIdentity != null &&
      Request.LogonUserIdentity.IsAuthenticated
    )
    {
      String logonUserIdentity = Request.LogonUserIdentity.Name;
      if ( !String.IsNullOrEmpty(logonUserIdentity) )
      {
        User loginUser =
          Context.Users.FirstOrDefault(
            x => x.UserIdentity == logonUserIdentity);
        if ( loginUser != null )
          FormsAuthentication.SetAuthCookie(
            loginUser.LoginName,createPersistentCookie);
    }
  }

    There's some encapsulation that I've taken out for the sake of compactness.

    0 讨论(0)
 看不清?
提交回复
热议问题