单点登陆的ASP.NET应用程序设计[zt]
大致有三種處理方式.
    一,把用戶登陸信息記錄在數據庫中,每次登陸去數據庫里查找用戶登陸狀態。這種處理方式存在一種特例:如果用戶非正常退出,容易出現死鎖的情況。
    二,把用戶信息記錄在 Cookie 中。這種方式沒有進行研究,具體問題和風險有待研究。
    三,利用 Session 來保存用戶信息。這種方式在 HttpApplicationState 中保存了大量數據,對性能有一定的風險;暫時 20 個點登陸,還未出現問題。
    下面就第三種處理方式介紹如下:
    基礎知識:
    HttpContext 類:封裝有關個別 HTTP 請求的所有 HTTP 特定的信息。
    HttpApplicationState 類:啟用 ASP.NET 應用程序中多個會話和請求之間的全局信息共享。
    HttpSessionState 類:提供對會話狀態值以及會話級別設置和生存期管理方法的訪問。
首先,設置 web.config 中的 <appSettings>:
    <appSettings>
        <add key="SQLServerConnStr" value="uid=sa;password=123;database=Northwind;data source=(local)"/>
    </appSettings>
(注意:此處的 sa 帳號與密碼僅為示例;實際部署時應改用僅具所需權限的專用數據庫帳號,並避免在 web.config 中以明文保存密碼。)
和認證方式:
    <authentication mode="Forms">
        <forms name=".ASPXAUTH"
               loginUrl="WebForm1.aspx"
               protection="All"
               timeout="30"
               path="/">
        </forms>
    </authentication>
using?System;
using?System.Collections.Specialized;
using?System.Data;
using?System.Data.SqlClient;
using?System.Web;
using?System.Web.Security;
using?System.Collections;
using?System.Security;
using?System.Configuration;
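namespace SingleLoginTest
{
    /// <summary>
    /// Helpers that allow only one active login per user. Every logged-in
    /// session is recorded in application state under the key "online"
    /// (session ID -> HttpSessionState), and a new login for the same user
    /// clears the earlier session.
    /// </summary>
    /// <remarks>
    /// Security notes for reviewers:
    /// - Login takes only a user id. Credentials must have been verified by
    ///   the caller before Login is invoked.
    /// - Evicting a user clears that user's session data; it does not revoke
    ///   the forms-authentication ticket already issued to that browser, so
    ///   protected pages must also check Session["Name"].
    /// - NOTE(review): the registry holds HttpSessionState references taken
    ///   in other requests. This presumably relies on in-process session
    ///   state; confirm that Clear()/Abandon() on such a reference really
    ///   ends the other session in the deployed configuration.
    /// - Entries are removed only by Login, LoginOut and Remove. Sessions
    ///   that simply time out stay in the table unless Remove is called from
    ///   a session-end handler (not shown in this listing).
    /// </remarks>
    public class BLL
    {
        // Read once from <appSettings>; no method in this listing uses it.
        private static string _SqlConn = ConfigurationSettings.AppSettings["SQLServerConnStr"].ToString();

        // Script written to the response when an earlier login was displaced.
        private const string DisplacedNotice = "<script language=javascript>alert('在異地登陸,迫使他下線!')</script>";

        public BLL()
        {
            // No instance state; every member is static.
        }

        /// <summary>
        /// Signs the user in, displacing any other session of the same user.
        /// </summary>
        /// <param name="userId">Id of the user to sign in.</param>
        /// <returns>
        /// false when <paramref name="userId"/> is null or empty or GetUser
        /// rejects it; otherwise true.
        /// </returns>
        public static bool Login(string userId)
        {
            if (userId == null || userId.Length == 0)
                return false;

            // GetUser is not part of this listing; it decides whether the id is known.
            if (!GetUser(userId))
                return false;

            HttpContext context = HttpContext.Current;
            HttpApplicationState app = context.Application;
            bool displaced;

            // Application state is shared by all requests: evict and register
            // under one lock so two simultaneous logins cannot both succeed.
            app.Lock();
            try
            {
                Hashtable online = (Hashtable)app["online"];
                if (online == null)
                {
                    online = new Hashtable();
                    app["online"] = online;
                }

                // Keep the current session: a repeated login from the same
                // browser must not abandon the session it is about to use.
                displaced = EvictUser(online, userId, context.Session.SessionID);

                // NOTE(review): the pre-login session ID is reused here;
                // consider issuing a fresh session ID at login.
                context.Session["Name"] = userId;
                online[context.Session.SessionID] = context.Session;
            }
            finally
            {
                app.UnLock();
            }

            if (displaced)
                context.Response.Write(DisplacedNotice);

            // RedirectFromLoginPage issues the authentication cookie itself, so
            // no separate SetAuthCookie call is needed. It is called last so the
            // registration above has always completed before the redirect.
            FormsAuthentication.RedirectFromLoginPage(userId, false);
            return true;
        }

        /// <summary>
        /// Checks whether the user already has a registered session and, if
        /// so, clears it and tells the current client that it was displaced.
        /// </summary>
        /// <param name="userId">Id of the user to look for.</param>
        /// <returns>true when at least one session was evicted.</returns>
        public static bool IsUserExist(string userId)
        {
            HttpContext context = HttpContext.Current;
            HttpApplicationState app = context.Application;
            bool displaced = false;

            app.Lock();
            try
            {
                Hashtable online = (Hashtable)app["online"];
                if (online != null)
                    displaced = EvictUser(online, userId, null);
            }
            finally
            {
                app.UnLock();
            }

            if (displaced)
                context.Response.Write(DisplacedNotice);
            return displaced;
        }

        /// <summary>
        /// Signs the current user out: drops the authentication ticket,
        /// unregisters the session and discards its contents.
        /// </summary>
        public static void LoginOut()
        {
            HttpContext context = HttpContext.Current;

            // Clear the authentication ticket.
            FormsAuthentication.SignOut();

            // Unregister the session so the table does not keep a reference
            // to a session that is about to be abandoned.
            HttpApplicationState app = context.Application;
            app.Lock();
            try
            {
                Hashtable online = (Hashtable)app["online"];
                if (online != null)
                    online.Remove(context.Session.SessionID);
            }
            finally
            {
                app.UnLock();
            }

            // Clear the session contents, then ask ASP.NET to drop the session.
            context.Session.Clear();
            context.Session.Abandon();
        }

        /// <summary>
        /// Removes every registered session that belongs to the user.
        /// </summary>
        /// <param name="userId">Id of the user whose sessions are cleared.</param>
        public static void Remove(string userId)
        {
            HttpApplicationState app = HttpContext.Current.Application;
            app.Lock();
            try
            {
                Hashtable online = (Hashtable)app["online"];
                if (online != null)
                    EvictUser(online, userId, null);
            }
            finally
            {
                app.UnLock();
            }
        }

        /// <summary>
        /// Clears and unregisters the sessions whose "Name" equals
        /// <paramref name="userId"/>. The caller must hold the application lock.
        /// </summary>
        /// <param name="online">The session registry (session ID -> session).</param>
        /// <param name="userId">Id of the user to evict.</param>
        /// <param name="keepSessionId">Session ID to leave untouched, or null.</param>
        /// <returns>true when at least one entry was removed.</returns>
        private static bool EvictUser(Hashtable online, string userId, string keepSessionId)
        {
            bool evicted = false;

            // Work on a snapshot of the keys: a Hashtable must not be modified
            // while it is being enumerated.
            ArrayList sessionIds = new ArrayList(online.Keys);
            foreach (object sessionId in sessionIds)
            {
                if (keepSessionId != null && keepSessionId.Equals(sessionId))
                    continue;

                System.Web.SessionState.HttpSessionState session =
                    online[sessionId] as System.Web.SessionState.HttpSessionState;

                // A session that was already cleared has no "Name"; skip it
                // instead of dereferencing null.
                object owner = (session == null) ? null : session["Name"];
                if (owner == null || owner.ToString() != userId)
                    continue;

                session.Clear();
                session.Abandon();

                // Remove by key. Passing the enumerator, as the original code
                // did, matches no key and leaves the entry in the table.
                online.Remove(sessionId);
                evicted = true;
            }

            return evicted;
        }
    }
}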
    一,把用戶登陸信息記錄在數據庫中,每次登陸去數據庫里查找用戶登陸狀態。這種處理方式存在一種特例:如果用戶非正常退出,容易出現死鎖的情況。
    二,把用戶信息記錄在 Cookie 中。這種方式沒有進行研究,具體問題和風險有待研究。
    三,利用 Session 來保存用戶信息。這種方式在 HttpApplicationState 中保存了大量數據,對性能有一定的風險;暫時 20 個點登陸,還未出現問題。
    下面就第三種處理方式介紹如下:
    基礎知識:
    HttpContext 類:封裝有關個別 HTTP 請求的所有 HTTP 特定的信息。
    HttpApplicationState 類:啟用 ASP.NET 應用程序中多個會話和請求之間的全局信息共享。
    HttpSessionState 類:提供對會話狀態值以及會話級別設置和生存期管理方法的訪問。
首先,設置 web.config 中的 <appSettings>:
    <appSettings>
        <add key="SQLServerConnStr" value="uid=sa;password=123;database=Northwind;data source=(local)"/>
    </appSettings>
(注意:此處的 sa 帳號與密碼僅為示例;實際部署時應改用僅具所需權限的專用數據庫帳號,並避免在 web.config 中以明文保存密碼。)
和認證方式:
    <authentication mode="Forms">
        <forms name=".ASPXAUTH"
               loginUrl="WebForm1.aspx"
               protection="All"
               timeout="30"
               path="/">
        </forms>
    </authentication>
using?System;
using?System.Collections.Specialized;
using?System.Data;
using?System.Data.SqlClient;
using?System.Web;
using?System.Web.Security;
using?System.Collections;
using?System.Security;
using?System.Configuration;
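namespace SingleLoginTest
{
    /// <summary>
    /// Helpers that allow only one active login per user. Every logged-in
    /// session is recorded in application state under the key "online"
    /// (session ID -> HttpSessionState), and a new login for the same user
    /// clears the earlier session.
    /// </summary>
    /// <remarks>
    /// Security notes for reviewers:
    /// - Login takes only a user id. Credentials must have been verified by
    ///   the caller before Login is invoked.
    /// - Evicting a user clears that user's session data; it does not revoke
    ///   the forms-authentication ticket already issued to that browser, so
    ///   protected pages must also check Session["Name"].
    /// - NOTE(review): the registry holds HttpSessionState references taken
    ///   in other requests. This presumably relies on in-process session
    ///   state; confirm that Clear()/Abandon() on such a reference really
    ///   ends the other session in the deployed configuration.
    /// - Entries are removed only by Login, LoginOut and Remove. Sessions
    ///   that simply time out stay in the table unless Remove is called from
    ///   a session-end handler (not shown in this listing).
    /// </remarks>
    public class BLL
    {
        // Read once from <appSettings>; no method in this listing uses it.
        private static string _SqlConn = ConfigurationSettings.AppSettings["SQLServerConnStr"].ToString();

        // Script written to the response when an earlier login was displaced.
        private const string DisplacedNotice = "<script language=javascript>alert('在異地登陸,迫使他下線!')</script>";

        public BLL()
        {
            // No instance state; every member is static.
        }

        /// <summary>
        /// Signs the user in, displacing any other session of the same user.
        /// </summary>
        /// <param name="userId">Id of the user to sign in.</param>
        /// <returns>
        /// false when <paramref name="userId"/> is null or empty or GetUser
        /// rejects it; otherwise true.
        /// </returns>
        public static bool Login(string userId)
        {
            if (userId == null || userId.Length == 0)
                return false;

            // GetUser is not part of this listing; it decides whether the id is known.
            if (!GetUser(userId))
                return false;

            HttpContext context = HttpContext.Current;
            HttpApplicationState app = context.Application;
            bool displaced;

            // Application state is shared by all requests: evict and register
            // under one lock so two simultaneous logins cannot both succeed.
            app.Lock();
            try
            {
                Hashtable online = (Hashtable)app["online"];
                if (online == null)
                {
                    online = new Hashtable();
                    app["online"] = online;
                }

                // Keep the current session: a repeated login from the same
                // browser must not abandon the session it is about to use.
                displaced = EvictUser(online, userId, context.Session.SessionID);

                // NOTE(review): the pre-login session ID is reused here;
                // consider issuing a fresh session ID at login.
                context.Session["Name"] = userId;
                online[context.Session.SessionID] = context.Session;
            }
            finally
            {
                app.UnLock();
            }

            if (displaced)
                context.Response.Write(DisplacedNotice);

            // RedirectFromLoginPage issues the authentication cookie itself, so
            // no separate SetAuthCookie call is needed. It is called last so the
            // registration above has always completed before the redirect.
            FormsAuthentication.RedirectFromLoginPage(userId, false);
            return true;
        }

        /// <summary>
        /// Checks whether the user already has a registered session and, if
        /// so, clears it and tells the current client that it was displaced.
        /// </summary>
        /// <param name="userId">Id of the user to look for.</param>
        /// <returns>true when at least one session was evicted.</returns>
        public static bool IsUserExist(string userId)
        {
            HttpContext context = HttpContext.Current;
            HttpApplicationState app = context.Application;
            bool displaced = false;

            app.Lock();
            try
            {
                Hashtable online = (Hashtable)app["online"];
                if (online != null)
                    displaced = EvictUser(online, userId, null);
            }
            finally
            {
                app.UnLock();
            }

            if (displaced)
                context.Response.Write(DisplacedNotice);
            return displaced;
        }

        /// <summary>
        /// Signs the current user out: drops the authentication ticket,
        /// unregisters the session and discards its contents.
        /// </summary>
        public static void LoginOut()
        {
            HttpContext context = HttpContext.Current;

            // Clear the authentication ticket.
            FormsAuthentication.SignOut();

            // Unregister the session so the table does not keep a reference
            // to a session that is about to be abandoned.
            HttpApplicationState app = context.Application;
            app.Lock();
            try
            {
                Hashtable online = (Hashtable)app["online"];
                if (online != null)
                    online.Remove(context.Session.SessionID);
            }
            finally
            {
                app.UnLock();
            }

            // Clear the session contents, then ask ASP.NET to drop the session.
            context.Session.Clear();
            context.Session.Abandon();
        }

        /// <summary>
        /// Removes every registered session that belongs to the user.
        /// </summary>
        /// <param name="userId">Id of the user whose sessions are cleared.</param>
        public static void Remove(string userId)
        {
            HttpApplicationState app = HttpContext.Current.Application;
            app.Lock();
            try
            {
                Hashtable online = (Hashtable)app["online"];
                if (online != null)
                    EvictUser(online, userId, null);
            }
            finally
            {
                app.UnLock();
            }
        }

        /// <summary>
        /// Clears and unregisters the sessions whose "Name" equals
        /// <paramref name="userId"/>. The caller must hold the application lock.
        /// </summary>
        /// <param name="online">The session registry (session ID -> session).</param>
        /// <param name="userId">Id of the user to evict.</param>
        /// <param name="keepSessionId">Session ID to leave untouched, or null.</param>
        /// <returns>true when at least one entry was removed.</returns>
        private static bool EvictUser(Hashtable online, string userId, string keepSessionId)
        {
            bool evicted = false;

            // Work on a snapshot of the keys: a Hashtable must not be modified
            // while it is being enumerated.
            ArrayList sessionIds = new ArrayList(online.Keys);
            foreach (object sessionId in sessionIds)
            {
                if (keepSessionId != null && keepSessionId.Equals(sessionId))
                    continue;

                System.Web.SessionState.HttpSessionState session =
                    online[sessionId] as System.Web.SessionState.HttpSessionState;

                // A session that was already cleared has no "Name"; skip it
                // instead of dereferencing null.
                object owner = (session == null) ? null : session["Name"];
                if (owner == null || owner.ToString() != userId)
                    continue;

                session.Clear();
                session.Abandon();

                // Remove by key. Passing the enumerator, as the original code
                // did, matches no key and leaves the entry in the table.
                online.Remove(sessionId);
                evicted = true;
            }

            return evicted;
        }
    }
}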
轉載于:https://www.cnblogs.com/bobofsj11/archive/2009/09/02/1558736.html