开发者

Using Session to store authentication?

问答 作者:

I'm having a开发者_如何学编程 lot of problems with FormsAuthentication and as as potential work around I'm thinking about storing the login in the Session?

Login:
Session["Auth.ClientId"] = clientId;

IsAuthenticated:
Session["Auth.ClientId"] != null;

Logout;
Session["Auth.ClientId"] == null;

I'm not really using most of the bells and whistles of FormsAuthentication anyway. Is this a bad idea?

I would not store any valuable information in the session.

For authentication I would use:

if (HttpContext.Current.User.Identity.IsAuthenticated)
{
    // Then u use 
    // this.User.Identity.Name as my membership_id so i could call this everywhere
}else
{
    //Redirect to Login
    //gettting my LoginPageAddress
    Response.Redirect(ConfigurationSettings.AppSettings["LoginPage"]);
}

Login is something like this:

FormsAuthentication.SetAuthCookie(membership_ID, false)

Anyway hope this helps

i don't think it's an bad idea, i've seen plenty of sites using session together with a db to store auth data, however there are other ways to get around not using the formsauthentication tables but still be able to use things like roles.

How do I create a custom membership provider for ASP.NET MVC 2?

has good examples of that.

继续阅读:asp.netforms-authentication

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9