FormsAuthentication.Encrypt(FormsAuthenticationTicket) Metode
Definisi
Penting
Beberapa informasi terkait produk prarilis yang dapat diubah secara signifikan sebelum dirilis. Microsoft tidak memberikan jaminan, tersirat maupun tersurat, sehubungan dengan informasi yang diberikan di sini.
Membuat string yang berisi tiket autentikasi formulir terenkripsi yang cocok untuk digunakan dalam cookie HTTP.
public:
static System::String ^ Encrypt(System::Web::Security::FormsAuthenticationTicket ^ ticket);public static string Encrypt (System.Web.Security.FormsAuthenticationTicket ticket);static member Encrypt : System.Web.Security.FormsAuthenticationTicket -> stringPublic Shared Function Encrypt (ticket As FormsAuthenticationTicket) As StringParameter
- ticket
- FormsAuthenticationTicket
Objek FormsAuthenticationTicket untuk membuat tiket autentikasi formulir terenkripsi.
Mengembalikan
String yang berisi tiket autentikasi formulir terenkripsi.
Pengecualian
ticketadalah null.
Contoh
Contoh kode berikut menyimpan hasil Encrypt metode dalam cookie dengan menggunakan FormsCookieName properti dan mengalihkan pengguna ke URL yang dikembalikan dari GetRedirectUrl metode .
Penting
Contoh ini berisi kotak teks yang menerima input pengguna, yang merupakan potensi ancaman keamanan. Secara default, ASP.NET halaman Web memvalidasi bahwa input pengguna tidak menyertakan elemen skrip atau HTML. Untuk informasi selengkapnya, lihat Gambaran Umum Eksploitasi Skrip.
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
private void Login_Click(Object sender, EventArgs e)
{
// Create a custom FormsAuthenticationTicket containing
// application specific data for the user.
string username = UserNameTextBox.Text;
string password = UserPassTextBox.Text;
bool isPersistent = false;
if (Membership.ValidateUser(username, password))
{
string userData = "ApplicationSpecific data for this user.";
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
username,
DateTime.Now,
DateTime.Now.AddMinutes(30),
isPersistent,
userData,
FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
// Create the cookie.
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
// Redirect back to original URL.
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
}
else
{
Msg.Text = "Login failed. Please check your user name and password and try again.";
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Forms Authentication Login</title>
</head>
<body>
<form id="form1" runat="server">
<span style="BACKGROUND: #80ff80; font-weight:bold">
Login Page
</span>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0">
<tbody>
<tr>
<td>Username:</td>
<td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator1"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserNameTextBox" />
</td>
</tr>
<tr>
<td>Password:</td>
<td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator2"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserPassTextBox" />
</td>
</tr>
</tbody>
</table>
<input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
</form>
</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Private Sub Login_Click(sender As Object, e As EventArgs)
' Create a custom FormsAuthenticationTicket containing
' application specific data for the user.
Dim username As String = UserNameTextBox.Text
Dim password As String = UserPassTextBox.Text
Dim isPersistent As Boolean = False
If Membership.ValidateUser(username, password) Then
Dim userData As String = "ApplicationSpecific data for this user."
Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _
username, _
DateTime.Now, _
DateTime.Now.AddMinutes(30), _
isPersistent, _
userData, _
FormsAuthentication.FormsCookiePath)
' Encrypt the ticket.
Dim encTicket As String = FormsAuthentication.Encrypt(ticket)
' Create the cookie.
Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, encTicket))
' Redirect back to original URL.
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent))
Else
Msg.Text = "Login failed. Please check your user name and password and try again."
End If
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Forms Authentication Login</title>
</head>
<body>
<form id="form1" runat="server">
<span style="BACKGROUND:#80ff80; font-weight:bold">
Login Page
</span>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0">
<tbody>
<tr>
<td>Username:</td>
<td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator1"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserNameTextBox" />
</td>
</tr>
<tr>
<td>Password:</td>
<td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
<td>
<asp:RequiredFieldValidator id="RequiredFieldValidator2"
runat="server" ErrorMessage="*"
Display="Static"
ControlToValidate="UserPassTextBox" />
</td>
</tr>
</tbody>
</table>
<input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
</form>
</body>
</html>
Berlaku untuk
Lihat juga
Berkolaborasi dengan kami di GitHub
Sumber untuk konten ini dapat ditemukan di GitHub, yang juga dapat Anda gunakan untuk membuat dan meninjau masalah dan menarik permintaan. Untuk informasi selengkapnya, lihat panduan kontributor kami.
