Sha*_*ica 5 air asp.net asp.net-mvc
验证后我的登录代码:
var authTicket = new FormsAuthenticationTicket(
1,
userName,
DateTime.Now,
DateTime.Now.AddMinutes(20), // expiry
false,
roles,
"/");
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(authTicket));
Response.Cookies.Add(cookie);
并且,感谢Darin Dimitrov,我有一个自定义的Authorize属性:
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = true)]
public class TJAuthorize : AuthorizeAttribute {
public override void OnAuthorization(AuthorizationContext filterContext) {
string cookieName = FormsAuthentication.FormsCookieName;
if (!filterContext.HttpContext.User.Identity.IsAuthenticated ||
filterContext.HttpContext.Request.Cookies == null || filterContext.HttpContext.Request.Cookies[cookieName] == null) {
HandleUnauthorizedRequest(filterContext);
return;
}
var authCookie = filterContext.HttpContext.Request.Cookies[cookieName];
var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
string[] roles = authTicket.UserData.Split(',');
var userIdentity = new GenericIdentity(authTicket.Name);
var userPrincipal = new GenericPrincipal(userIdentity, roles);
filterContext.HttpContext.User = userPrincipal;
base.OnAuthorization(filterContext);
}
当我在浏览器会话中工作时,这一切都很好用.但现在我正在使用Flash/Adobe Air客户端,并且身份验证属性导致失败.通过将调试语句放入代码中,我可以说:
filterContext.HttpContext.User.Identity.IsAuthenticated
是错误的 - 即使在成功登录后!
为什么使用浏览器客户端和Air客户端之间有什么区别?我该如何解决这个问题?
编辑:另一个线索:在输入一些更多的调试语句后,我发现filterContext.HttpContext.User.Identity从Air调用时没有正确设置 - 该Name属性是空白的!会话ID正确,cookie ID正确 - 但未User.Identity设置.任何想法为什么会这样?
也许 HttpCookieMode (http://msdn.microsoft.com/en-us/library/system.web.httpcookiemode.aspx) 设置为错误的值?
默认是 UseDeviceProfile ...当你强制它使用 UseCookies 时会发生什么?
| 归档时间: |
|
| 查看次数: |
2606 次 |
| 最近记录: |