Windows 身份验证模式的行为,带有表单子元素?
Behaviour of Windows authentication mode, with forms child element?
配置 ASP.NET 身份验证时,当您将身份验证模式设置为 Windows
但有子 forms
元素时,行为应该是什么?例如,以下配置作为默认设置 in MSDN:
<authentication mode="Windows">
<forms
name=".ASPXAUTH"
loginUrl="login.aspx"
defaultUrl="default.aspx"
protection="All"
timeout="30"
path="/"
requireSSL="false"
slidingExpiration="true"
cookieless="UseDeviceProfile" domain=""
enableCrossAppRedirects="false">
<credentials passwordFormat="SHA1" />
</forms>
<passport redirectUrl="internal" />
</authentication>
但是,我看到这里发生的事情的文档为零。 forms
子元素的所有文档均假定身份验证模式为 Forms
。特别奇怪的是,这没有记录在案,因为这是默认设置。那么为什么Windows
认证模式会有一个forms
子元素呢?子元素是否被忽略,它只是作为您将模式切换到 Forms
时可能想要的示例,还是它做更多的事情?
我认为这只是为了举例。我无法向您指出任何文档,但查看代码,看起来 forms 设置仅在 authentication 模式为 表格。
以下来自FormsAuthenticationModule.cs
public void Init(HttpApplication app) {
// 身份验证只是一个应用级别的设置
// 所以我们可以尽早阅读应用程序配置,尝试尝试
// 跳过连接事件委托
如果(!_fAuthChecked){
_fAuthRequired = (AuthenticationConfig.Mode == AuthenticationMode.Forms);
_fAuthChecked = 真;
}
如果(_fAuthRequired){
// 如果模式是表单验证则初始化
<strong>FormsAuthentication.Initialize();</strong>
app.AuthenticateRequest += new EventHandler(this.OnEnter);
app.EndRequest += new EventHandler(this.OnLeave);
}
}
请注意 FormsAuthentication.Initialize 仅在 mode 为 forms[=35= 时调用],它从 web.config 文件中读取 forms 设置。
代码来自FormsAuthenciation.cs文件
///
/// Initializes FormsAuthentication by reading
/// configuration and getting the cookie values and encryption keys for the given
/// application.
///
public static void Initialize() {
if (_Initialized)
return;
lock(_lockObject) {
if (_Initialized)
return;
AuthenticationSection settings = RuntimeConfig.GetAppConfig().Authentication;
settings.ValidateAuthenticationMode();
_FormsName = settings.Forms.Name;
_RequireSSL = settings.Forms.RequireSSL;
_SlidingExpiration = settings.Forms.SlidingExpiration;
if (_FormsName == null)
_FormsName = CONFIG_DEFAULT_COOKIE;
_Protection = settings.Forms.Protection;
_Timeout = (int) settings.Forms.Timeout.TotalMinutes;
_FormsCookiePath = settings.Forms.Path;
_LoginUrl = settings.Forms.LoginUrl;
if (_LoginUrl == null)
_LoginUrl = "login.aspx";
_DefaultUrl = settings.Forms.DefaultUrl;
if (_DefaultUrl == null)
_DefaultUrl = "default.aspx";
_CookieMode = settings.Forms.Cookieless;
_CookieDomain = settings.Forms.Domain;
_EnableCrossAppRedirects = settings.Forms.EnableCrossAppRedirects;
_TicketCompatibilityMode = settings.Forms.TicketCompatibilityMode;
_Initialized = true;
}
}
配置 ASP.NET 身份验证时,当您将身份验证模式设置为 Windows
但有子 forms
元素时,行为应该是什么?例如,以下配置作为默认设置 in MSDN:
<authentication mode="Windows">
<forms
name=".ASPXAUTH"
loginUrl="login.aspx"
defaultUrl="default.aspx"
protection="All"
timeout="30"
path="/"
requireSSL="false"
slidingExpiration="true"
cookieless="UseDeviceProfile" domain=""
enableCrossAppRedirects="false">
<credentials passwordFormat="SHA1" />
</forms>
<passport redirectUrl="internal" />
</authentication>
但是,我看到这里发生的事情的文档为零。 forms
子元素的所有文档均假定身份验证模式为 Forms
。特别奇怪的是,这没有记录在案,因为这是默认设置。那么为什么Windows
认证模式会有一个forms
子元素呢?子元素是否被忽略,它只是作为您将模式切换到 Forms
时可能想要的示例,还是它做更多的事情?
我认为这只是为了举例。我无法向您指出任何文档,但查看代码,看起来 forms 设置仅在 authentication 模式为 表格。
以下来自FormsAuthenticationModule.cs
public void Init(HttpApplication app) {
// 身份验证只是一个应用级别的设置
// 所以我们可以尽早阅读应用程序配置,尝试尝试
// 跳过连接事件委托
如果(!_fAuthChecked){
_fAuthRequired = (AuthenticationConfig.Mode == AuthenticationMode.Forms);
_fAuthChecked = 真;
}
如果(_fAuthRequired){
// 如果模式是表单验证则初始化
<strong>FormsAuthentication.Initialize();</strong>
app.AuthenticateRequest += new EventHandler(this.OnEnter);
app.EndRequest += new EventHandler(this.OnLeave);
}
}
请注意 FormsAuthentication.Initialize 仅在 mode 为 forms[=35= 时调用],它从 web.config 文件中读取 forms 设置。
代码来自FormsAuthenciation.cs文件
///
/// Initializes FormsAuthentication by reading
/// configuration and getting the cookie values and encryption keys for the given
/// application.
///
public static void Initialize() {
if (_Initialized)
return;
lock(_lockObject) {
if (_Initialized)
return;
AuthenticationSection settings = RuntimeConfig.GetAppConfig().Authentication;
settings.ValidateAuthenticationMode();
_FormsName = settings.Forms.Name;
_RequireSSL = settings.Forms.RequireSSL;
_SlidingExpiration = settings.Forms.SlidingExpiration;
if (_FormsName == null)
_FormsName = CONFIG_DEFAULT_COOKIE;
_Protection = settings.Forms.Protection;
_Timeout = (int) settings.Forms.Timeout.TotalMinutes;
_FormsCookiePath = settings.Forms.Path;
_LoginUrl = settings.Forms.LoginUrl;
if (_LoginUrl == null)
_LoginUrl = "login.aspx";
_DefaultUrl = settings.Forms.DefaultUrl;
if (_DefaultUrl == null)
_DefaultUrl = "default.aspx";
_CookieMode = settings.Forms.Cookieless;
_CookieDomain = settings.Forms.Domain;
_EnableCrossAppRedirects = settings.Forms.EnableCrossAppRedirects;
_TicketCompatibilityMode = settings.Forms.TicketCompatibilityMode;
_Initialized = true;
}
}