Bagikan melalui


FormsAuthentication.Encrypt(FormsAuthenticationTicket) Metode

Definisi

Membuat string yang berisi tiket autentikasi formulir terenkripsi yang cocok untuk digunakan dalam cookie HTTP.

public:
 static System::String ^ Encrypt(System::Web::Security::FormsAuthenticationTicket ^ ticket);
public static string Encrypt (System.Web.Security.FormsAuthenticationTicket ticket);
static member Encrypt : System.Web.Security.FormsAuthenticationTicket -> string
Public Shared Function Encrypt (ticket As FormsAuthenticationTicket) As String

Parameter

ticket
FormsAuthenticationTicket

Objek FormsAuthenticationTicket untuk membuat tiket autentikasi formulir terenkripsi.

Mengembalikan

String yang berisi tiket autentikasi formulir terenkripsi.

Pengecualian

ticketadalah null.

Contoh

Contoh kode berikut menyimpan hasil Encrypt metode dalam cookie dengan menggunakan FormsCookieName properti dan mengalihkan pengguna ke URL yang dikembalikan dari GetRedirectUrl metode .

Penting

Contoh ini berisi kotak teks yang menerima input pengguna, yang merupakan potensi ancaman keamanan. Secara default, ASP.NET halaman Web memvalidasi bahwa input pengguna tidak menyertakan elemen skrip atau HTML. Untuk informasi selengkapnya, lihat Gambaran Umum Eksploitasi Skrip.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

  private void Login_Click(Object sender, EventArgs e)
  {
    // Create a custom FormsAuthenticationTicket containing
    // application specific data for the user.

    string username     = UserNameTextBox.Text;
    string password     = UserPassTextBox.Text;
    bool   isPersistent = false;

    if (Membership.ValidateUser(username, password))
    {
      string userData = "ApplicationSpecific data for this user.";

      FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
        username,
        DateTime.Now,
        DateTime.Now.AddMinutes(30),
        isPersistent,
        userData,
        FormsAuthentication.FormsCookiePath);

      // Encrypt the ticket.
      string encTicket = FormsAuthentication.Encrypt(ticket);

      // Create the cookie.
      Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));

      // Redirect back to original URL.
      Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
    }
    else
    {
      Msg.Text = "Login failed. Please check your user name and password and try again.";
    }
  }

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Forms Authentication Login</title>
</head>
<body>
    <form id="form1" runat="server">
        <span style="BACKGROUND: #80ff80; font-weight:bold"> 
            Login Page
        </span> 
        <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
        <table border="0">
            <tbody>
                <tr>
                    <td>Username:</td>
                    <td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator1" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserNameTextBox" />
                    </td>
                </tr>
                <tr>
                    <td>Password:</td>
                    <td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator2" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserPassTextBox" />
                    </td>
                </tr>
            </tbody>
        </table>
        <input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
    </form>
</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

  Private Sub Login_Click(sender As Object, e As EventArgs)
  
    ' Create a custom FormsAuthenticationTicket containing
    ' application specific data for the user.

        Dim username As String = UserNameTextBox.Text
        Dim password As String = UserPassTextBox.Text
        Dim isPersistent As Boolean = False

    If Membership.ValidateUser(username, password) Then
    
      Dim userData As String = "ApplicationSpecific data for this user."

      Dim ticket As FormsAuthenticationTicket = New FormsAuthenticationTicket(1, _
        username, _
        DateTime.Now, _
        DateTime.Now.AddMinutes(30), _
        isPersistent, _
        userData, _
        FormsAuthentication.FormsCookiePath)

      ' Encrypt the ticket.
      Dim encTicket As String = FormsAuthentication.Encrypt(ticket)

      ' Create the cookie.
      Response.Cookies.Add(New HttpCookie(FormsAuthentication.FormsCookieName, encTicket))

      ' Redirect back to original URL.
      Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent))
    Else    
      Msg.Text = "Login failed. Please check your user name and password and try again."
    End If
  End Sub

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Forms Authentication Login</title>
</head>
<body>
    <form id="form1" runat="server">
        <span style="BACKGROUND:#80ff80; font-weight:bold"> 
          Login Page
        </span> 
        <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
        <table border="0">
            <tbody>
                <tr>
                    <td>Username:</td>
                    <td><asp:TextBox id="UserNameTextBox" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator1" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserNameTextBox" />
                    </td>
                </tr>
                <tr>
                    <td>Password:</td>
                    <td><asp:TextBox id="UserPassTextBox" TextMode="Password" runat="server" /></td>
                    <td>
                      <asp:RequiredFieldValidator id="RequiredFieldValidator2" 
                                                  runat="server" ErrorMessage="*" 
                                                  Display="Static" 
                                                  ControlToValidate="UserPassTextBox" />
                    </td>
                </tr>
            </tbody>
        </table>
        <input type="submit" value="Login" runat="server" onserverclick="Login_Click" />
    </form>
</body>
</html>

Berlaku untuk

Lihat juga