FormsAuthentication.Encrypt(FormsAuthenticationTicket) Método
Definición
Importante
Parte de la información hace referencia a la versión preliminar del producto, que puede haberse modificado sustancialmente antes de lanzar la versión definitiva. Microsoft no otorga ninguna garantía, explícita o implícita, con respecto a la información proporcionada aquí.
Crea una cadena que contiene un vale de autenticación de formularios cifrado apto para utilizarlo en una cookie HTTP.
public:
static System::String ^ Encrypt(System::Web::Security::FormsAuthenticationTicket ^ ticket);public static string Encrypt (System.Web.Security.FormsAuthenticationTicket ticket);static member Encrypt : System.Web.Security.FormsAuthenticationTicket -> stringPublic Shared Function Encrypt (ticket As FormsAuthenticationTicket) As StringParámetros
- ticket
- FormsAuthenticationTicket
Objeto FormsAuthenticationTicket con el que se creará el vale de autenticación de formularios cifrado.
Devoluciones
Cadena que contiene un vale de autenticación de formularios cifrado.
Excepciones
ticket es null.
Ejemplos
En el ejemplo de código siguiente se almacena el resultado del Encrypt método en una cookie mediante la FormsCookieName propiedad y se redirige al usuario a la dirección URL devuelta desde el GetRedirectUrl método .
Importante
Este ejemplo contiene un cuadro de texto que acepta la entrada del usuario, que es una amenaza de seguridad potencial. De forma predeterminada, ASP.NET Web Pages valida que los datos proporcionados por el usuario no incluyen elementos HTML ni de script. Para más información, consulte Información general sobre los ataques mediante scripts.
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
private void Login_Click(Object sender, EventArgs e)
{
// Create a custom FormsAuthenticationTicket containing
// application specific data for the user.
string username = UserNameTextBox.Text;
string password = UserPassTextBox.Text;
bool isPersistent = false;
if (Membership.ValidateUser(username, password))
{
string userData = "ApplicationSpecific data for this user.";
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
username,
DateTime.Now,
DateTime.Now.AddMinutes(30),
isPersistent,
userData,
FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
// Create the cookie.
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
// Redirect back to original URL.
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
}
else
{
Msg.Text = "Login failed. Please check your user name and password and try again.";
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Forms Authentication Login</title>
</head>
<body>
<form id="form1" runat="server">
<span style="BACKGROUND: #80ff80; font-weight:bold">
Login Page
</span>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0">
<tbody>
<tr>
<td>Username:</td>
<td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator1"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserNameTextBox" />
</td>
</tr>
<tr>
<td>Password:</td>
<td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator2"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserPassTextBox" />
</td>
</tr>
</tbody>
</table>
<input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
</form>
</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Private Sub Login_Click(sender As Object, e As EventArgs)
' Create a custom FormsAuthenticationTicket containing
' application specific data for the user.
Dim username As String = UserNameTextBox.Text
Dim password As String = UserPassTextBox.Text
Dim isPersistent As Boolean = False
If Membership.ValidateUser(username, password) Then
Dim userData As String = "ApplicationSpecific data for this user."
Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _
username, _
DateTime.Now, _
DateTime.Now.AddMinutes(30), _
isPersistent, _
userData, _
FormsAuthentication.FormsCookiePath)
' Encrypt the ticket.
Dim encTicket As String = FormsAuthentication.Encrypt(ticket)
' Create the cookie.
Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, encTicket))
' Redirect back to original URL.
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent))
Else
Msg.Text = "Login failed. Please check your user name and password and try again."
End If
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Forms Authentication Login</title>
</head>
<body>
<form id="form1" runat="server">
<span style="BACKGROUND:#80ff80; font-weight:bold">
Login Page
</span>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0">
<tbody>
<tr>
<td>Username:</td>
<td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator1"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserNameTextBox" />
</td>
</tr>
<tr>
<td>Password:</td>
<td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator2"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserPassTextBox" />
</td>
</tr>
</tbody>
</table>
<input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
</form>
</body>
</html>