开发者

Remove case sensitivity from FormsAuthentication.Authenticate of user name/password

The below code and the config works fine, but force to enter user name/password case sensitively, i want to make it non case sensitive.

Code:

protected void LoginButton_Click(object sender, EventArgs e)
        {
            try
            {
                string uid = UserText.Text.Trim();
                string pwd= PwdText.Text.Trim();

                if (string.IsNullOrEmpty(uid) ||
                    string.IsNullOrEmpty(pwd))
                {
                    throw new ApplicationException("UserName or Password should not be blank.");
                }

                bool isAuthrnticated = FormsAuthentication.Authenticate(uid, pwd);

                if (isAuthrnticated)
                {
                    FormsAuthentication.SetAuthCookie("Admin", false);

                    //...
                }
                else
                {
                    ((Site)this.Master).ShowError("Invalid UserName/Password.", ErrorSeverity.Warning);
                }
            }
            catch (Exception ex)
            {
                ErrorLogger.LogError(ex);
                ((Site)this.Master).ShowError(ex.Message, ErrorSeverity.Warning);
            }
        }

Web.Config

<authentication mode="Forms">
  <forms defaultUrl="~/Default.aspx" loginUrl="~/Default.aspx" slidingExpiration="true" timeout="1000">
    <credentials passwordFormat="Clear">
      <user开发者_如何学编程 name="Admin" password="ZAdmin"/>
    </credentials>
  </forms>
</authentication>


By default, usernames are not case sensetive and passwords are. The easiest way to do this is when they register, change both un and pw to either ToUpper() or ToLower() and then when you are authenticating, do the same to whatever they enter.

string uid = UserText.Text.Trim().ToUpper();
string pwd= PwdText.Text.Trim().ToUpper();


When you store the username and password, instead of storing them as-is, call ToUpper() on them first. Then do the same thing to the strings you pass in to FormsAuthentication.Authenticate(). That way, both will have been converted to all-uppercase versions before comparing, rendering case irrelevant.


Set collations of your database so you do not need to keep track of case sensitivity http://web.archive.org/web/20080811231016/http://sqlserver2000.databases.aspfaq.com:80/how-can-i-make-my-sql-queries-case-sensitive.html

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜