abasfar
پنج شنبه 05 آذر 1394, 10:37 صبح
سلام دوستان من توسط کد زیر تشخیص هویت کاربران را انجام می دهم اما مشکل اینجاست که نمی توانم signout بشم ممنون میشم راهنمایی بفرمایید
public class BasicAuthHttpModule : IHttpModule
{
private const string Realm = "...";
public void Init(HttpApplication context)
{
// Register event handlers
context.AuthenticateRequest += OnApplicationAuthenticateRequest;
context.EndRequest += OnApplicationEndRequest;
}
private static void SetPrincipal(IPrincipal principal)
{
Thread.CurrentPrincipal = principal;
if (HttpContext.Current != null)
{
HttpContext.Current.User = principal;
}
}
// TODO: Here is where you would validate the username and password.
private static bool CheckPassword(string username, string password)
{
return Membership.ValidateUser(username, password);
}
private static void AuthenticateUser(string credentials)
{
try
{
credentials = Encoding.ASCII.GetString(Convert.FromBase64String( credentials));
int separator = credentials.IndexOf(':');
string username = credentials.Substring(0, separator);
string password = credentials.Substring(separator + 1);
if (CheckPassword(username, password))
{
var identity = new GenericIdentity(username);
string[] roles = Roles.Provider.GetRolesForUser(username);
SetPrincipal(new GenericPrincipal(identity, roles));
}
else
{
HttpContext.Current.Response.StatusCode = 401;
}
}
catch (FormatException)
{
HttpContext.Current.Response.StatusCode = 401;
}
}
private static void OnApplicationAuthenticateRequest(object sender, EventArgs e)
{
var request = HttpContext.Current.Request;
var authHeader = request.Headers["Authorization"];
if (authHeader != null)
{
var authHeaderVal = AuthenticationHeaderValue.Parse(authHeader);
if (authHeaderVal.Scheme.Equals("basic",StringComparison.OrdinalIgnoreCase) && authHeaderVal.Parameter != null)
{
AuthenticateUser(authHeaderVal.Parameter);
}
}
}
// If the request was unauthorized, add the WWW-Authenticate header
// to the response.
private static void OnApplicationEndRequest(object sender, EventArgs e)
{
var response = HttpContext.Current.Response;
if (response.StatusCode == 401)
{
response.Headers.Add("WWW-Authenticate",string.Format("Basic realm=\"{0}\"", Realm));
}
}
public void Dispose()
{
}
}
public class BasicAuthHttpModule : IHttpModule
{
private const string Realm = "...";
public void Init(HttpApplication context)
{
// Register event handlers
context.AuthenticateRequest += OnApplicationAuthenticateRequest;
context.EndRequest += OnApplicationEndRequest;
}
private static void SetPrincipal(IPrincipal principal)
{
Thread.CurrentPrincipal = principal;
if (HttpContext.Current != null)
{
HttpContext.Current.User = principal;
}
}
// TODO: Here is where you would validate the username and password.
private static bool CheckPassword(string username, string password)
{
return Membership.ValidateUser(username, password);
}
private static void AuthenticateUser(string credentials)
{
try
{
credentials = Encoding.ASCII.GetString(Convert.FromBase64String( credentials));
int separator = credentials.IndexOf(':');
string username = credentials.Substring(0, separator);
string password = credentials.Substring(separator + 1);
if (CheckPassword(username, password))
{
var identity = new GenericIdentity(username);
string[] roles = Roles.Provider.GetRolesForUser(username);
SetPrincipal(new GenericPrincipal(identity, roles));
}
else
{
HttpContext.Current.Response.StatusCode = 401;
}
}
catch (FormatException)
{
HttpContext.Current.Response.StatusCode = 401;
}
}
private static void OnApplicationAuthenticateRequest(object sender, EventArgs e)
{
var request = HttpContext.Current.Request;
var authHeader = request.Headers["Authorization"];
if (authHeader != null)
{
var authHeaderVal = AuthenticationHeaderValue.Parse(authHeader);
if (authHeaderVal.Scheme.Equals("basic",StringComparison.OrdinalIgnoreCase) && authHeaderVal.Parameter != null)
{
AuthenticateUser(authHeaderVal.Parameter);
}
}
}
// If the request was unauthorized, add the WWW-Authenticate header
// to the response.
private static void OnApplicationEndRequest(object sender, EventArgs e)
{
var response = HttpContext.Current.Response;
if (response.StatusCode == 401)
{
response.Headers.Add("WWW-Authenticate",string.Format("Basic realm=\"{0}\"", Realm));
}
}
public void Dispose()
{
}
}