标题:验证登录代码,请解释
取消只看楼主
zhengyingcan
Rank: 1
等 级:新手上路
帖 子:412
专家分:6
注 册:2007-10-16
结帖率:89.81%
已结贴  问题点数:0 回复次数:0 
验证登录代码,请解释
以下是高人(动软卓越)的代码   
//验证登录信息,如果验证通过则返回当前用户对象的安全上下文信息
  AccountsPrincipal newUser = AccountsPrincipal.ValidateLogin(userName, Password);
  if (newUser == null)//登录信息不对
  {
  this.lblMsg.Text = "登陆失败: " + userName;
  if ((Session["PassErrorCountAdmin"] != null) && (Session["PassErrorCountAdmin"].ToString() != ""))
  {
  int PassErroeCount = Convert.ToInt32(Session["PassErrorCountAdmin"]);
  Session["PassErrorCountAdmin"] = PassErroeCount + 1;
  }
  else
  {
  Session["PassErrorCountAdmin"] = 1;
  }
  }
---------------------------------------------------------------------

然后我查看AccountsPrincipal.ValidateLogin的定义,如下
 public class AccountsPrincipal : IPrincipal
  {
  protected IIdentity identity;
  protected ArrayList permissionList;
  protected ArrayList permissionListid;
  protected ArrayList roleList;

  public AccountsPrincipal(int userID);
  public AccountsPrincipal(string userName);

  public IIdentity Identity { get; set; }
  public ArrayList Permissions { get; }
  public ArrayList PermissionsID { get; }
  public ArrayList Roles { get; }

  public static byte[] EncryptPassword(string password);
  public bool HasPermission(string permission);
  public bool HasPermissionID(int permissionid);
  public bool IsInRole(string role);
  public static AccountsPrincipal ValidateLogin(string userName, string password);
  }


我的第一个疑问是 为什么public static AccountsPrincipal ValidateLogin(string userName, string password);下面不在用大括号{}了呢, 光突突的好难看.语法感觉怪怪的.
第二点,我觉得AccountsPrincipal 是继承 IPrincipal ,我查看了一下IPrincipal的类,结果如下
 public interface IPrincipal
  {
  // 摘要:
  // Gets the identity of the current principal.
  //
  // 返回结果:
  // The System.Security.Principal.IIdentity object associated with the current
  // principal.
  IIdentity Identity { get; }

  // 摘要:
  // Determines whether the current principal belongs to the specified role.
  //
  // 参数:
  // role:
  // The name of the role for which to check membership.
  //
  // 返回结果:
  // true if the current principal is a member of the specified role; otherwise,
  // false.
  bool IsInRole(string role);
  }
好简单哦,但是如何成就验证用户名和密码正确,还是一个迷
搜索更多相关主题的帖子: 信息 安全 上下文 null 用户 
2011-09-25 16:49



参与讨论请移步原网站贴子:https://bbs.bccn.net/thread-350851-1-1.html




关于我们 | 广告合作 | 编程中国 | 清除Cookies | TOP | 手机版

编程中国 版权所有,并保留所有权利。
Powered by Discuz, Processed in 0.060125 second(s), 8 queries.
Copyright©2004-2024, BCCN.NET, All Rights Reserved