Giao Trinh ASP Net Nang Cao

7/30/2019 Giao Trinh ASP Net Nang Cao

1/43

- - - - - -

Gio trnh

ASP.NET

nng cao


2/43

Gio trnh ASP.NET nng cao

phn 1: Cc iu khin nng cao trong asp.netChng 1: S dng iu khin Login1.1 Tng quan v cc iu khin Login1.2 S dng iu khin Login1.3 S dng iu khin LoginStatus1.4 S dng iu khin ChangePassword1.5 S dng iu khin PasswordRecoveryChng 2: ASP.NET Menbership2.1 Cu hnh Authentication2.2 Cu hnh Authorization2.3 S dng ASP.NET Menbership

2.4 S dung Role ManagerChng 3: Global Resource v Local Resource3.1 Thit lp Current Culture3.2 S dng lp CulterInfo3.3 To Local Resources3.4 To Global Resources3.5 S dng iu khin LocalizeChng 4: S dng cc iu khin iu hng4.1 Tng quan v Site Map4.2 S dng iu khin SiteMapPath4.3 S dng iu khin Menu

4.4 S dng iu khin TreeViewChng 5: Xy dng v s dng cc iu khin do ngi dng to ra5.1 Tng quan v xy dng cc iu khin5.2 ViewState v ControlState5.3 X l s kin v D liu tr vChng 6: ASP.NET v AJAX

Phn 2: Xy dng ng dng Vi ASP.NET(Mc tiu: Xy dng website thng mi in t, bn my tnh trc tuyn.)Chng 8: Gii thiu v h thng thng mi in tChng 9: M hnh kinh doanh

9.1 Thu thp yu cu9.2 Phn tch hiu qu9.3 Nghin cu v qun l ri doChng 10: M hnh ha v xy dng giao din ng dng10.1 M hnh ha h thng10.2 Thit k d liu vi sqlServer 2005Chng 11: Thit k kin trc11.1 Xy dng kin trc h thng


3/43

11.2 To cc i tng dng chung11.3 To tng truy cp d liu11.4 To tng x l nghip v11.5 La chn tch hp cho ng dng11.6 To tng trnh by

Chng 12: Xy dng ng dng12.1 Pht trin danh mc sn phm12.2 Xy dng Gi hng12.3 Tch hp thanh ton trc tuyn12.4 Ci t X l kim tra12.5 Xy dng cc iu khin qun tr.12.6 Xy dng ti khon khch hngChng 13: trin khai v bo tr ng dng

Ni Dung

Chng 1. S dng cc iu khin loginBn c th s dng cc iu khin Login ca ASP.NET xy dng cc h thng ngk ngi s dng cho wensite ca mnh, Bn c th s dng cc Login Control toform ng nhp, ng k, thay i mt khu hay ghi nh mt khu trn Form.Trong chng ny chng ta s hc chi tit cc iu khin Login: Cho php hin th Form ng nhp ngi s dng. CreateUserWizard: Cho php hin th Form ng k ngi s dng LoginStatus: Hin th trng thi Login hay Logout ph thuc vo trng thi kim chngngi s dng LoginName: Hin th tn ngi ng k hin ti ChangePassword: Hin th Form cho php ngi s dng thay i mt khu PasswordRecovery: Cho php ngi s dng khi phc password, password ny sc gi vo mail cho ngi s dng. LoginView: hin th cc ni dung khc nhau ti mi ngi s dng phc thuc thucvo authentication hoc role.1.1 Tng quan v cc iu khin loginGi s bn c mt trang web nh sau:Listing 1.1 Baomat/Secret.aspx

Bao mat


4/43

y l trang web c bo mt

Khi chy, trang s hin th dng ch y l trang web c bo mt bo mt cho trang web ny bn cn thit lp hai cu hnh trn ng dng ca bn, cncu hnh c authentication v authorization.u tin bn cn thit lp authentication v mode=Forms trong file web.config trongth mc gc.Listing 1.2 web.config

Bi mc nh tt c mi ngi c th truy cp vo website, nu bn ngn cn ngi sdng truy cp vo th mc no bn cu hnh authortization cho th mc , trong Listing1.3 sau s ngn cn ngi s dng truy cp vo th mc Baomat.Listing 1.3 Baomat/web.config

Khi bn thit lp hai cu hnh trn th khi website ca bn yu cu ti trang Secret.aspxth ng website s t ng chuyn v trang login.aspxListing 1.4 Login.aspx

Trang dang nhap


5/43

Giao din trang Login.aspx

(Hnh 1)

Trong Listing 1.4 bn iu khin Login c hai thuc tnh CreateUserText,CreateUserUrl N s a ra mt link vi Text l ng k v mt a ch URL dn titrang ng k trong trng hp ny l trang Register.aspx.

Tp tin nh km:

1.2 S dng iu khin Loginiu khin Login a ra mt form ng nhp tiu chun. Mc nh iu khin Login sdng ASP.NET MenberShip kim chng ngi s dng, tuy nhin bn c th tychnh kiu kim chng ngi s dng vi iu khin Login.iu khin Login h tr rt nhiu thuc tnh cho php bn ty chnh cch hin th v ngx ca iu khin nh Listing 1.5 sau:Listing 1.5 showLogin.aspx

M:

Hin th Form ng nhp


6/43

.login{

width:250px;font:14px Verdana,Sans-Serif;background-color:lightblue;

border:solid 3px black;padding:4px;}.login_title{

background-color:darkblue;color:white;font-weight:bold;

}.login_instructions{

font-size:12px;text-align:left;padding:10px;

}.login_button{

border:solid 1px black;padding:3px;

}

Kt xut ca chng trnh trn


7/43

Hnh 2

1.2.1 T ng chuyn trang ti mt trang ch nhNu bn yu cu 1 trang m bn cha c kim chng, ASP.NET s t ng chuynbn ti trang Login.aspx. Sau khi bn ng nhp thnh cng, n s chuyn bn ngc li

ti trang yu cu.Khi bn b chuyn sang trang Login.aspx, mt chui truy vn tham s t tn lReturnUrl c t ng thm vo trang yu cu, Chui truy vn ny s cha ng ngdn ca trang yu cu, iu khin Login s s dng tham s ReturnUrl ny chuyn trangtr li trang ngun.

1.2.2 T ng n iu khin Login khi kim chng ngi s dngMt vi website hin th iu khin trn nh tt c cc trang, khi ngi s dng ngnhp thnh cng th iu khin ny t ng n i. lm iu ny tht n gin trnASP.NET, bn ch cn thm vo mt iu khin Login trn MasterPage, v iu khinlogin ny c th hin th trn tt c cc trang c s dng MasterPage. Bn c th s dng

thuc tnh Orientation hin th iu khin Login ny theo chiu ngang hoc chiu dcnh v d sau:Listing 1.6 Main.master

M:

iu khin Login

body{

background-color:#e5e5e5;}.content{

margin:auto;width:650px;border:solid 1px black;background-color:white;padding:10px;

}.login{

font:10px Arial,Sans-Serif;margin-left:auto;


8/43

}.login input{

}

Trang loginMaster.aspx

Cho mng bn n vi website ca chng ti

Kt xut ca chng trnh

Hnh 3

1.2.3 S dng Templeteiu khin Login bao gm thuc tnh LayoutTemplate cho php bn ty chnh cch thhin ca iu khin Login.Khi bn thm vo mt mu hin th, bn cn thm vo iu khin v Temple cc ID sau: UserName Password RememberMe FailureText


9/43

V bn cn thm vo mt thuc tnh CommandName vi gi tr LoginListing 1.7 LoginTemplete.aspxM:

Trang ng nhp

Kt xut ca chng trnh

Hnh 4

1.2.4 Thc hin ty chnh kim chng vi iu khin LoginMc nh, iu khin Login s dng ASP.NET MenberShip kim chng tn s dngv mt khu. Nu bn cn thay i ng xa mc nh bn c th iu khin s kinAuthenticate ca iu khin Login nh v d di y.Listing 1.8 Web.configM:


10/43

Trang LoginCustom.aspx

M:

protected void loginCustom_Authenticate(object sender, AuthenticateEventArgs e){

string userName = loginCustom.UserName;string Password = loginCustom.Password;e.Authenticated = FormsAuthentication.Authenticate(userName, Password);

}

Login Custom

1.3 S dng iu khin CreateUserWizardiu khin CreateUserWizard a ra mt Form ng k ngi s dng, Mt ngi ngk thnh cng, ngi ng k mi s c thm vo website ca bn. iu khin


11/43

CreateUserWizard s dng ASP.NET MenberShip to mt ngi s dng mi.iu khin CreatUserWizsrd h tr rt nhiu thuc tnh cho php bn ty chnh cch hinth v ng x nh v d sau:Listing 1.9 showCreateUserWizard.aspxM:

Hin th Form ng k ngi s dng

.createUser

{ width:350px;font:14px Verdana,Sans-Serif;background-color:lightblue;border:solid 3px black;padding:4px;

}.createUser_title{


}.createUser_instructions{


}.createUser_button{


}


12/43

id="CreateUserWizard1"ContinueDestinationPageUrl="~/Default.aspx"InstructionText="Please complete the following form to register at this Website."CompleteSuccessText="Your new account has been created. Thank you for

registering."

CssClass="createUser"TitleTextStyle-CssClass="createUser_title"InstructionTextStyle-CssClass="createUser_instructions"CreateUserButtonStyle-CssClass="createUser_button"ContinueButtonStyle-CssClass="createUser_button"Runat="server" />

Kt xut ca chng trnhHnh 5

1.3.1 Gi Email thng bo ti ngi s dngBn c th thit lp cho php iu khin CreateUserWizard gi th t ng n ngi sdng khi ng k thnh cng mt ti khon mi trn website ca mnhV d bn c th gi mt mail cha ng thng tin v ti khon v mt khu ca ngis dng v ti khon email ca ngi ny.Listing 1.10 CreateUserWizardEmail.aspxM:

Send Email


13/43

From="[email protected]" />

Lp MailDefinition h tr cc thuc tnh sau:BodyFileName: ch nh ng dn cha ni dung thCC: Cho php gi mt bn copy ti hm th khcEmbeddedObjects: Cho php gi km cc file khc nh l nh, docFrom: a ch hm th gi.IsBodyHtml: Cho php gi nh dng HtmlPriority: Cho php bn ch nh u tin ca th, n c th c cc gi tr sau: High,Low, v NormalSubject: Ch nh tiu ca th.

Lp MailDefinition s dng mail server c cu hnh bi thnh phn SMTP trong fileWeb.config nh v d sau:Listing 1.11 Web.configM:

Vi v d trn l bn dng mail server t my cc b, bn cng c th thit lp mailserver t mt my ch khc bng vic ch nh cc mail host, username v PasswwordListing 1.12 Web.configM:

1.3.2 Chuyn ngi s dng sang mt trang khc t ngKhi bn ng nhp thnh cng trn trang Login.aspx, trang t ng chuyn li trangngi s dng va yu cu. Vi iu khin CreateUserWizard khng t ng lm vic


14/43

ny cho chng ta, n c th lm vic ging vi iu khin Login chng ta cn vitthm mt t code.iu khin login trong Listing 1.12 sau bao gm mt ng ngi s dng chuynn trang ng k s dng c t tn l CreateUserWizardReturn.aspx. Trong s kinPage_Load(). Gi tr ca chui truy vn c thm vo trang ng k.

Listing 1.13 LoginReturn.aspxM:

protected void Page_Load(object sender, EventArgs e){

if (!Page.IsPostBack){

string dest = Request.QueryString["ReturnUrl"];

Login1.CreateUserUrl = "~/CreateUserWizardReturn.aspx?ReturnUrl=" +Server.UrlEncode(dest);}

}

ng nhp

Trc khi s dng Listing 1.13 bn cn thay i tn trang LoginReturn.aspx thnh trangLogin.aspx. Nu ngi s dng yu cu n mt trang yu cu phi kim chng, ngis dng s t ng chuyn ti trang Login.aspx. Tham s ReturnUrl s c gn vo


15/43

trang Login ny.Trong Listing 1.14 sau cha ng mt iu khin CreateUserWizard. Trang ny ch chang mt iu khin s kin Page_Load(). Gi tr ca tham s ReturnUrl c s dng a ngi s dng tr v trang m ngi s dng yu cu.Listing 1.14 CreateUserWizardReturn.aspx

M:

void Page_Load(){

if (!Page.IsPostBack){

string dest = "~/Default.aspx";if (!String.IsNullOrEmpty(Request.QueryString["ReturnURL"]))dest = Request.QueryString["ReturnURL"];CreateUserWizard1.ContinueDestinationPageUrl = dest;

}}

Gi li trang CreateUserWizardReturn.aspx

1.3.3 Sinh Password t ngMt vi website khi bn ng k s dng, n ch yu cu bn nhp cc thng tin c nhncn mt khu website s t sinh ra v gi v hm th ca bn. sau khi ng nhp ln ubn c th thay i mt khu ny.Nu bn cn s dng kch bn ny cho website ca bn khi ngi s dng ng k sdng, bn cn lm c 3 thuc tnh sau ca iu khin CreateUserWizardAutoGeneratePassword: Cho php t sinh ra mt password t ngDisableCreatedUser: Cho php v hiu ha to ti khon mi t iu khinCreateUserWizard.LoginCreatedUser: Cho php bn ngn cn ngi s dng mi s c ng nhp t


16/43

ngBn c th gi hai kiu mail xc nhn. u tin bn c th sinh password t ng v giPassword vo hm th ca ngi s dng. Trong tng hp ny bn s cho php thuctnh AutoGeneratePassword v v hiu ha thuc tnh LoginCreatedUser. Trng hpth 2, bn c th cho php mt ngi s dng nhp mt khu v gi m xc nhn n

hm th xc nhn Trong trng hp ny bn s cho php thuc tnh DisableCreatedUserv v hiu ha thuc tnh LoginCreatedUser.Listing 1.15 cha ng mt iu khin CreateUserWizard m khng yu cu nhp mtkhu. iu khin ny cho php thuc tnh AutoGeneratePassword v v hiu ha thuctnh LoginCreatedUserListing 1.15 CreateUserWizardPasswordConfirmation.aspxM:

T ng sinh Password


17/43

iu khin CreateUserWizard gi th cha ng nh trong Listing 1.16Listing 1.16 PasswordConfirmation.htmM:

Ni dung xc nhn mt khu

Ni dung xc nhn mt khuYour new password is .

Khi to ti khon thnh cng trong mail cha ng mt khu t sinh ra. Ngi s dngs dng mt khu ny ng nhp trn website.Trong kch bn th 2, ngi s dng c th s dng password m ngi chn. Tuynhin ti khon ny s b v hiu ha cho n khi ngi ny nhp m xc nhn.iu khin CreateUserWizard trong Listing 1.17 cho php thuc tnh DisableCreateUserv v hiu ha thuc tnh LoginCreatedUser.Listing 1.17 CreateUserWizardCodeConfirmation.aspxM:

protected void CreateUserWizard1_SendingMail(object sender,

MailMessageEventArgs e){

MembershipUser user = Membership.GetUser(CreateUserWizard1.UserName);string code = user.ProviderUserKey.ToString();e.Message.Body = e.Message.Body.Replace("", code);

}

To form ng k yu cu xc nhn m


18/43

Trong Listing 1.17 gm mt iu khin s kin SendingMail. M s dng l mt khaduy nht gi ti ngi s dng bi MenberShip Provider. M xc nhn c trnhtrong mail trc khi mail c gi. Mail ny c cha ng trong Listing 1.18Listing 1.18M:

Untitled Page

,M xc nhn ca bn l

Sau khi hon thnh Form a ra bi CreateUserWizard bn nhn vo nt Continue mtrang ConfirmCode.aspx.Listing 1.19 ConfirmCode.aspxM:


19/43

protected void btnConfirm_Click(object sender, EventArgs e){

MembershipUser user = Membership.GetUser(txtUserName.Text);

if (user == null){lblError.Text = "Tn s dng khng ng";

}else{

string providerCode = user.ProviderUserKey.ToString();string userCode = txtConfirmationCode.Text.Trim();if (providerCode != userCode)

{lblError.Text = "Sai m cc nhn";

}else{

user.IsApproved = true;Membership.UpdateUser(user);Response.Redirect("~/Baomat/Secret.aspx");

}}

}

kim tra xc nhn

Nhp m xc nhn m bn c gi t mail.


20/43

1.4 S dng iu khin LoginStatusiu khin LoginStatus hin th trng thi lin kt Login hoc Logout, ph thuc votrng thi kim chng ca bn. Khi bn nhn vo lin kt Link, bn c chuyn ntrang Login.aspx. Khi nhn vo lin kt Logout bn s ng xut khi website.

Listing 1.20 ShowLoginStatus.aspxM:

hin th LoginStatus

LoginStatus h tr cc thuc tnh sau:

LoginImageUrl: nh ngha mt nh cho Login Link. LoginText: nh ngha Text cho Login Link. LogoutAction: cho php bn iu khin vic g s xy ra khi bn nhn vo Logout Link.C th l cc gi tr sau:Redirect, RedirectToLoginPage,Refresh. LogoutImageUrl: cho php bn nh ngha nh cho Logout Link. LogoutPageUrl: nh ngha trang m ngi s dng s chuyn n khi h ng xut.Thuc tnh ny mc nh s b b qua tr khi bn thit lp thuc tnh LogoutAction c gitr l Redirect.


21/43

LogoutText:nh ngha ni dung cho Logout Link.

LoginStatus h tr hai s kin sau: LoggingOut: Xy ra trc khi ngi s dng ng xut LoggedOut: Xy ra sau khi ngi s dng ng xut

1.5 S dng iu khin LoginNameS dng iu khin LoginName bn c th cho php hin th tn ngi s dng cng k. Nu ngi s dng hin ti khng c kim chng iu khin LoginName sa ra gi tr rng.Listing 1.21 ShowLoginName.aspxM:

hin th LoginName

Trong Listing 1.21 trn bn thy rng iu khin LoginName c cha ng thuc tnhFormatString N cho php bn nh dng tn ngi s dng khi tn ngi s dng ca ra.

1.6 S dng iu khin ChangePasswordiu khin ChangePassword cho php ngi s dng hay ngi qun tr c th thay imt khu ca mnh

Listing 1.22 ShowChangePassword.aspxM:


22/43

hin th thay i mt khu.changePassword{

font:14px Verdana,Sans-Serif;background-color:lightblue;border:solid 3px black;padding:4px;

}.changePassword_title{


}.changePassword_instructions{


}.changePassword_button{


}


23/43

ChangePasswordButtonStyle-CssClass="changePassword_button"CancelButtonStyle-CssClass="changePassword_button"ContinueButtonStyle-CssClass="changePassword_button"Runat="server" />

Kt xut ca chng trnh

Hnh 6

1.6.1 Gi mt Email thay i PasswordSau khi ngi s dng thay i mt khu thnh cng, bn c th s dng iu khinChangePassword t ng gi mt email ti ngi s dng vi ni dung cha km mt

khu mi ca ngi .Listing 1.23 ChangePasswordEmail.aspxM:

Thay i mt khu


24/43

Trong ni dung file ChangePassword.txt c ni dung nh sau,your new password is .

1.6.2 S dng Templetes vi iu khin ChangePasswordNu bn cn ty chnh cch xut hin ca iu khin ChangePassword bn c th sdng templetes nh dng iu khin. iu khin ChangePassword h tr c haiChangePasswordTemplate v SuccessTemplate. V d sau s hng dn bn s dng chai temples ny.Listing 1.24 ChangePasswordTemplate.aspxM:

S dng templete vi ChangePassword

Thay i mt khu


25/43

Your password has been changed!

Kt xut ca chng trnh

Hnh 7

Khi s dng Templetes bn vi iu khin ChangePassword bn cn thm vo cc IDkm theo UserName CurrentPassword ConfirmPassword NewPassword FailureText

Bn ch c th thm vo cc iu khin Button theo cc gi tr cho thuc tnhCommandName: ChangePassword Cancel Continue

1.7 S dng iu khin PasswordRecoveryNu ngi s dng qun mt khu ca mnh, ngi c th s dng iu khinPasswwordRecovery khi phc mt khu, iu khin PasswordRecovery s gi limt khu ban u hoc to mt mt khu mi v gi ti cho ngi s dng.Listing 1.25 showPasswordRecovery.aspx

M:


26/43

show Password Recovery

.passwordRecovery{

font:14px Verdana,Sans-Serif;

background-color:lightblue;border:solid 3px black;padding:4px;

}.passwordRecovery_title{


}.passwordRecovery_instructions

{ font-size:12px;text-align:left;padding:10px;

}.passwordRecovery_button{


}


27/43

Khi chy chng trnh trn u tin bn s b yu cu nhp tn s dng, tip theo bnphi nhp cu tr li b mt m bn s dng trong lc ng k, cui cng mt khu sc gi n ti khon email ca ngi ng k.Bi mc nh iu khin PasswordRecovery s khi to mt khu v gi n ngi s

dng.1.7.1 Gi mt khu ban uBi mc nh iu khin PasswordRecovery khng gi mt khu c ca ngi s dng,nu bn khng mun iu khin PasswordRecovery khi ta li password ca ngi sdng trc khi gi n bn phi thay i cu hnh MenberShip Provider, Ba thit lp cuhnh chnh passwordFormat, enablePasswordRetrieval, v enablePasswordReset.Bi mc nh thuc tnh passwordFormat c gi tr l Hashed. Khi mt khu cHashed, iu khin PasswordRecovery khng th gi mt khu gc ban u ca ngis dng, Nu bn mun ngi s dng nhn c password c ca mnh bn cn thitlp thuc tnh passwordFormat v cc gi tr Clear hoc Encrypted.Mc nh thuc tnh enablePasswordRetrieval c gi tr l false, nu bn mun ngi s

dng nhn c mt khu c bn phi thit lp cho php thuc tnh ny trong fileweb.config.Cui cng, mc nh thuc tnh enablePasswordReset c gi tr l true, N khng ch n gi tr ca PasswordFormat hay enablePasswordRetrieval, bn c th lun lun khito li mt khu ca ngi s dngListing 1.26 sau cha ng nhng cu hnh cn thit cho php gi mt khu c n ngis dng.Listing 1.26 Web.configM:

1.7.2 Yu cu cu hi bo mt v tr liKhi bn s dng CreateUserWizard to form ng k, bn b yu cu nhp cu hi bo


28/43

mt v cu tr li cho cu hi , iu khin PasswordRecovery hin th mt form chang cu hi bo mt, nu bn khng nhp vo ng cu tr li bo mt ca bn, mtkhu ca bn s khng c gi.Nu bn khng mun ngi s dng phi nhp cu hi bo mt khi khi phc mt khu,bn c th chnh sa cu hnh ca menbership, listing 1.27 sau s gn gi tr l false cho

thuc tnh requiresQuestionAndAnswer.Listing 1.27M:

Chng 2. S dng ASP.NET MenberShip

Trong chng trc, bn c hc cch s dng iu khin login to form ng k

ngi s dng vi h thng. Trong chng ny chng ta cng khm ph v gii nghabo mt framework trn cc iu khin Login.ASP.NET Framework bao gm 4 khung quan h bo mt: ASP.NET Authentication: Cho php nh ngha ngi s dng. ASP.NET Authorization: Cho php bn y nhim quyn truy xut d liu cho ngi sdng. ASP.NET Membership: cho php bn din t ngi s dng v chnh sa cc thuc tnhn. Role Manager: a ra vai tr ca ngi s dng v chnh s cc thuc tnh ca n.

2.1 Cu hnh Authentication

ng dng ch dn x l xc nh bn l ai. ASP.NET Framework h tr 3 kiu ca xcthc. Windows Authentication .NET Passport Authentication Forms AuthenticationMt ng dng ring ch c th p dng mt kiu xc thc. bn khng th ap dng ngthi nhiu kiu.Mc nh Windows authentication c cho php, Khi windows authentication c cho


29/43

php cc tn ti khon Micosoft Windows ca h. Vai tr ph hp vi nhm MicisoftWindows.Windows authentication y quyn chu trch nhim nh danh ngi s dng trn IIS. IISc th s dng cu hnh Basic, Intergrated Windows, hoc Digest authentication.Kim chng .NET Passport ging vi kim chng website ca Microsofts nh l MSN

hay Hotmail. Nu bn mun ngi s dng ng nhp trong ng dng ca bn bi cc tikhon Hotmail tn ti, bn c th cho php kim chng .Net PassPort.Cui cng l kiu kim chng Form Authentication. Khi Form Authentication c chophp, Cc ngi s dng c nh ngha bi mt cookie. Khi ngi s dng c kimchng. Mt cookie m ha c thm vo trnh duyt ca ngi s dng.Khi Form Authentication c cho php, ngi s dng v v thng tin vai tr c lutr trong mt kho d liu ty bin. V d bn c th lu tr tn ngi s dng v mtkhu trong mt file XML, database, hay mt file Text c bn.2.1.1 Cu hinh Form AuthenticationCc la chn cu hnh ring c ch nh n Form Authentication Cookieless: Cho php bn s dng s kin Form authentication khi trnh duyt khng

h tr Cookie, c th l cc gi tr: UseCookies, UseUri, AutoDetect, vUseDeviceProfile. Mc nh gi tr l UseDeviceProfile. defaultUrl: Cho php bn ch nh trang m sau khi ngi s dng c kim chngchuyn ti. mc nh l gi tr Default.aspx. domain: cho php bn ch nh domain c kt hp mi kim chng Cookie, gi trmc nh l rng. enableCrossAppRedirects: Cho php ngi s dng kim chng qua ng dng bngcch th xc thc trong mt chui truy vn.. Gi tr mc nh l fasle. loginUrl: Cho php bn ch nh ng dn ti trang Login. Gi tr mc nh lLogin.aspx name: Cho php bn ch nh tn ca cookie kim chng. gi tr mc nh l

.ASPXAUTH. path: Cho php bn ch nh ng dn kt hp vi cookie kim chng mc nh gi trl /. Protection: cho php bn ch nh cookie kim chng c m ha nh th no. Gi trc th l All, Encryption, None v Validation, gi tr mc nh l All. requiresSSL: Cho php bn yu cu mt SSL(Secure Sockets Layer) kt ni khi truyncookie kim chng. mc nh gi tr l false. slidingExpiration: Cho php bn ngn cn cookie xc thc ht hn nh l ngi s dngtip tc to mt yu cu trong mt khong thi gian, c th c gi tr l False hoc True,mc nh l Fasle. timeout: Cho php bn ch nh mt lng thi gian ht hn ca cookie xc thc tnh

bi pht. Gi tr mc nh l 30.V d sau s thay i tn ca cookie authentication.Listing 2.1 web1.config

M:


30/43

2.1.2 S dng kim chng Cookieless Forms.Bnh thng, kim chng Form s dng mt cookie xc nh ngi s dng, tuy nhinForms authentication h tr mt thuc tnh t tn l cookieless authentication. Khicookieless authentication c cho php, mt ngi s dng c th c nh danh ngoicookie ca trnh duyt.Bi vic thm vo kim chng cookieless, bn c th s dng Forms Authentication vASP.NET Menbership kim chng ngi s dng, mt ngi s dng c th cnh ngha bi mt th duy nht c thm vo a ch URL. Nu ngi s dng s dng

cc URL quan h ti ng dn t trang ny ti trang khc, sau th ny c truynqua gia cc trang t ng v ngi s dng c th c nh danh trn nhiu trang.Khi bn gi mt trang m yu cu xc thc v xc thc cookieless c cho php, a chURL trn trnh duyt nhn ging nh sau:http://localhost:2500/Original/(F(WfAne ... VllOKdQkRktOqV7cfcrgUJ2NKxNhH9dTA7fgzZ-cZwyr4ojyU6EnarC-bbf8g4sl6m4k5kk6Nmcsg1))/SecretFiles/Secret2.aspx

Bn cu hnh kim chng cookieless bi vic gn mt gi tr ca thnh phn form trongfile web.config. thuc tnh cookieless chp nhn mt vi thuc tnh sau: UseCookies: lun lun s dng cookie xc thc.

UseUri: Khng bao gi s dng cookie xc thc. AutoDetect: t ng pht hin s dng cookie xc thc. UseDeviceProfile: s dng profile nh r khi no s dng cookie xc thc.Mc nh l gi tr UseDeviceProfile. Bi mc nh ASP.NET Framework l mt cookiech khi no mt kiu ring ca thit b h tr cookie. ASP.NET Framework duy tr mtc s d liu ty thuc kh nng thit b trong thit lp ca cc file cha ng theong dn sau:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\BrowsersBi mc nh ASP.NET Framework khng bao gi s dng xc thc cookieless vi mttrnh duyt nh l IE. Nu bn mun ASP.NET Framework t ng pht hin trnh duytc h tr cookie hay khng th bn thit lp thuc tnh cookieless c gi tr l

AutoDetect.Listing 2.2M:
http://localhost:2500/Original/(F(WfAnevWxFyuN4SpenRclAEh_lY6OKWVllOKdQkRkhttp://localhost:2500/Original/(F(WfAnevWxFyuN4SpenRclAEh_lY6OKWVllOKdQkRk


31/43

2.1.3 S dng s ht hn trt vi Forms Authentication

Bi mc nh Forms Authentication s dng cc hgii quyt trt ht hn, Ngi sdng khng yu cu trang trong vng 30 pht, trang s t ng ng xut.Nu bn c yu cu bo mt ng n, bn c th s dng gii php thi hn tuyt ithay cho trt thi hn. Trong trng hp ny, bn c th hiu lc mt ngi s dngng nhp li sau mt khong thi gian ring.

Listing 2.3M:

2.1.4 S dng Forms authentication ngang qua ng dngTrong phn trc bn c hc chia s xc thc cookie qua cc ng dng khc nhautrong cng server hoc server khc nhau, trong phn ny bn s hc cch chia s xc thc

cookie qua nh domain.Mt cookie trnh duyt lun quan h vi domain, Vi d website Amazon khng th ccookie thit lp bi website itechpro hoc vietnamnet. Tuy nhin bn c th khm phrng bn cn chia s thng tin xc thc qua nhiu website vi nhiu domain khc nhau.Bn c th lm vic quanh vn ny bi vic truyn th xc thc trong mt chui truyvn hn l trong mt cookie Khng c g ngn cn bn truyn tham s qua cc domainkhc nhau. c th cho php trong ng cnh ny, bn phi cu hnh ng dng ca bn chp nhnth xc thc c truyn trong chui truy vn, nh v d sau:

Listing 2.4 web4.config

M:


32/43

A53DBB3C3E0AD2"validationKey="61A8E04A146AFFAB81B6AD19654F99EA7370807F18F5002725DAB98B8EFD19C711337E26948E26D1D174B159973EA0BE8CC9CAA6AAF513BF84E44B2247792265" />

Nu bn cu hnh nh Listing 2.4 cho php hai ng dng khc nhau nh v trn ccdomain khc nhau, hai ng dng khc nhau c th chia s th kim chng khc nhau.Khi bn lin kt hoc chuyn san trang t mt trang khc bn phi truyn th kim chngny trong chui tham s truy vn

Listing 2.5 QueryStringAuthenticate.aspxM:

void Page_Load(){

string cookieName = FormsAuthentication.FormsCookieName;string cookieValue = FormsAuthentication.GetAuthCookie(User.Identity.Name,

false).Value;lnkOtherDomain.NavigateUrl += String.Format("?{0}={1}", cookieName,

cookieValue);}

Untitled Page

2.1.5 S dng Lp FormsAuthentication


33/43

Giao tip lp trnh ng dng chnh cho tng tc vi kim chng Forms l lpFormsAuthentication Lp ny h tr cc thuc tinh sau: CookieDomain: Tr v domain kt hp vi cookie xc thc CookieMode: Tr v kiu xc thc cookieless. C th l cc gi tr: AutoDetect,UseCookies, UseDeviceProfile, and UseUri.

CookiesSupported: Tr v ng khi trnh duyt h tr cookie v xc thc Forms ccu hnh s dng cookies. DefaultUrl: Tr v URL ca trang m ngi s dng c chuyn ti sau khi ckim chng. EnableCrossAppRedirects: Tr v true khi th kim chng c th g b t chui truyvn FormsCookieName: tr v tn ca cookie xc thc FormsCookiePath: Tr v ng dn kt hp vi cookie kim chng. LoginUrl: tr v URL ca trang m ngi s dng c chuyn ti khi s c kimchng. RequireSSL: Tr v ng khi cookie kim chng phi c truyn thng vi SSL.

SlidingExpiration: Tr v True khi cookie kim chng s dng chnh sch trt quhn.Cc thuc tnh ny tr v cc thit lp cu hnh trong file web.configLp FormsAuthentication h tr cc phng thc sau: Authenticate: Cho php bn kim tra li UserName v Password da vo mt danh schUserName v Password c lu tr trong file web.config. Decrypt: cho php bn gii m mt cookie xc thc GetAuthCookie: Cho php bn ly thng tin cookie xc thc. GetRedirectUrl: Cho php bn ly thng tin ng dn trang ban u gy ra chuyn titrang Login.aspx. HashPasswordForStoringInConfigFile: Cho php bn lu tr mt mt khu m n cth c lu tr trong file web.config. RedirectFromLoginPage: Cho php bn chuyn ngi s dng quay tr li trang banu c yu cu trc khi ngi s dng c chuyn ti trang Login.aspx. RedirectToLoginPage: cho php chuyn ngi s dng ti trang Login.aspx RenewTicketIfOld: Cho php bn cp nht thi gian ht hn ca cookie kim chng. SetAuthCookie: Cho php bn to v a ra mt cookie kim chng. SignOut: Cho php bn g b mt cookie kim chng v ng xut ngi s dng.Bn c th s dng cc phng thc v thuc tnh ca lp FormsAuthentication xydng ngi ng k s dng v h thng kim chng ngoi vic s dng ASP.NETMenbership. V d Listing 2.6 cha ng mt danh sch tn s dng v mt khu

Listing 2.6 web6.configM:


34/43

Listing 2.6 cha ng thnh phn forms m cha ng thnh phn credentials.credentials bao gm mt danh sch UserName v Password.Ch rng thnh phn credentials cha mt thuc tnh PasswordFormatm c thit lpvi gi tr Clear, Nu bn thch lu tr mt khu trong Text hn bn c th lu tr mtkhu trong cc gi tr hash, Vi con ng th bt c ai trn webserver khng th nhnthy mt khu ca ngi khc. Trng hp 2 gi tr ca PasswordFormat c th l MD5v SHA1.

Listing 2.7 FormsLogin.aspxM:

protected void btnLogin_Click(object sender, EventArgs e){

if (FormsAuthentication.Authenticate(txtUserName.Text,txtPassword.Text))FormsAuthentication.RedirectFromLoginPage(txtUserName.Text,

chkRememberMe.Checked);else

lblError.Text = "Invalid user name/password";}

ng nhp h thng


35/43

Khi bn nhn vo nt Button Login, hm btnLogin_Click() c thc thi v phng thcFormsAuthentication.Authenticate() c s dng kim tra tn s dng v mt khunhp trong Textbox c trong fike web.config khng. Nu ngi s dng xc thc thnhcng th phng thc FormsAuthentication.RedirectFromLoginPage() c gi.Phng thc RedirectFromLoginPage() lm hai vic: thm mt cookie xc thc vo trnhduyt ca ngi s dng v chuyn ngi s dng ti trang u tin b chuyn sang trangLogin.aspx. Nu ngi s dng yu cu trc tip trang Login.aspx th n s chuyn vtrang Default.aspx.Tham s th 2 truyn ti phng thc RedirectFromLoginPage() cho bit c bn cmun s dng mt session hay mt persistent cookie hay khng. Nu bn to mtpersistent cookie th bn khng cn phi ng nhp trang web khi bn tr li trong mtthi gian sau .2.1.6 S dng lp UserBn c th s dng thuc tnh Page.User hoc HttpContext.User ly thng tin vngi s dng hin ti. Thuc tnh Page.User a ra mt i tng Principal m h trphng thc sau:IsInRole: Cho php kim tra ngi s dng c phi l mt thnh vin ca Role ring haykhng.V d Khi Windows Authentication c cho php, bn c th s dng phng thcIsInRole kim tra ngi s dng c phi l thnh vin ca nhm ring trong MSWindows nh l nhm BUILTIN\Administrators hay khng?

if (User.IsInRole(BUILTIN\Administrators)){// thc hin cng vic ca qun tr vin h iu hnh}i tng Principal ch bao gm mt thuc tnh Identity cho php bn ly thng tin vc tnh ca ngi s dng hin ti. i tng Indentity h tr ba thuc tnh sau:AuthenticationType: cho php bn xc nh ngi s dng c kim chng nh th noc th l cc gi tr: Forms, Basic, v NTLM.


36/43

IsAuthenticated: cho php bn xc nh ngi s dng c c kim chng hay khng.Name: cho php ly thng tin tn ca ngi s dng.

Chng 2. S dng ASP.NET MenberShip

Trong chng trc, bn c hc cch s dng iu khin login to form ng kngi s dng vi h thng. Trong chng ny chng ta cng khm ph v gii nghabo mt framework trn cc iu khin Login.ASP.NET Framework bao gm 4 khung quan h bo mt: ASP.NET Authentication: Cho php nh ngha ngi s dng. ASP.NET Authorization: Cho php bn y nhim quyn truy xut d liu cho ngi sdng. ASP.NET Membership: cho php bn din t ngi s dng v chnh sa cc thuc tnhn. Role Manager: a ra vai tr ca ngi s dng v chnh s cc thuc tnh ca n.

2.1 Cu hnh Authenticationng dng ch dn x l xc nh bn l ai. ASP.NET Framework h tr 3 kiu ca xcthc. Windows Authentication .NET Passport Authentication Forms AuthenticationMt ng dng ring ch c th p dng mt kiu xc thc. bn khng th ap dng ngthi nhiu kiu.Mc nh Windows authentication c cho php, Khi windows authentication c chophp cc tn ti khon Micosoft Windows ca h. Vai tr ph hp vi nhm MicisoftWindows.

Windows authentication y quyn chu trch nhim nh danh ngi s dng trn IIS. IISc th s dng cu hnh Basic, Intergrated Windows, hoc Digest authentication.Kim chng .NET Passport ging vi kim chng website ca Microsofts nh l MSNhay Hotmail. Nu bn mun ngi s dng ng nhp trong ng dng ca bn bi cc tikhon Hotmail tn ti, bn c th cho php kim chng .Net PassPort.Cui cng l kiu kim chng Form Authentication. Khi Form Authentication c chophp, Cc ngi s dng c nh ngha bi mt cookie. Khi ngi s dng c kimchng. Mt cookie m ha c thm vo trnh duyt ca ngi s dng.Khi Form Authentication c cho php, ngi s dng v v thng tin vai tr c lutr trong mt kho d liu ty bin. V d bn c th lu tr tn ngi s dng v mtkhu trong mt file XML, database, hay mt file Text c bn.

2.1.1 Cu hinh Form AuthenticationCc la chn cu hnh ring c ch nh n Form Authentication Cookieless: Cho php bn s dng s kin Form authentication khi trnh duyt khngh tr Cookie, c th l cc gi tr: UseCookies, UseUri, AutoDetect, vUseDeviceProfile. Mc nh gi tr l UseDeviceProfile. defaultUrl: Cho php bn ch nh trang m sau khi ngi s dng c kim chngchuyn ti. mc nh l gi tr Default.aspx. domain: cho php bn ch nh domain c kt hp mi kim chng Cookie, gi tr


37/43

mc nh l rng. enableCrossAppRedirects: Cho php ngi s dng kim chng qua ng dng bngcch th xc thc trong mt chui truy vn.. Gi tr mc nh l fasle. loginUrl: Cho php bn ch nh ng dn ti trang Login. Gi tr mc nh lLogin.aspx

name: Cho php bn ch nh tn ca cookie kim chng. gi tr mc nh l.ASPXAUTH. path: Cho php bn ch nh ng dn kt hp vi cookie kim chng mc nh gi trl /. Protection: cho php bn ch nh cookie kim chng c m ha nh th no. Gi trc th l All, Encryption, None v Validation, gi tr mc nh l All. requiresSSL: Cho php bn yu cu mt SSL(Secure Sockets Layer) kt ni khi truyncookie kim chng. mc nh gi tr l false. slidingExpiration: Cho php bn ngn cn cookie xc thc ht hn nh l ngi s dngtip tc to mt yu cu trong mt khong thi gian, c th c gi tr l False hoc True,mc nh l Fasle.

timeout: Cho php bn ch nh mt lng thi gian ht hn ca cookie xc thc tnhbi pht. Gi tr mc nh l 30.V d sau s thay i tn ca cookie authentication.


2.1.2 S dng kim chng Cookieless Forms.Bnh thng, kim chng Form s dng mt cookie xc nh ngi s dng, tuy nhinForms authentication h tr mt thuc tnh t tn l cookieless authentication. Khicookieless authentication c cho php, mt ngi s dng c th c nh danh ngoicookie ca trnh duyt.

Bi vic thm vo kim chng cookieless, bn c th s dng Forms Authentication vASP.NET Menbership kim chng ngi s dng, mt ngi s dng c th cnh ngha bi mt th duy nht c thm vo a ch URL. Nu ngi s dng s dngcc URL quan h ti ng dn t trang ny ti trang khc, sau th ny c truynqua gia cc trang t ng v ngi s dng c th c nh danh trn nhiu trang.Khi bn gi mt trang m yu cu xc thc v xc thc cookieless c cho php, a chURL trn trnh duyt nhn ging nh sau:http://localhost:2500/Original/(F(WfAne ... VllOKdQkRk
http://localhost:2500/Original/(F(WfAnevWxFyuN4SpenRclAEh_lY6OKWVllOKdQkRkhttp://localhost:2500/Original/(F(WfAnevWxFyuN4SpenRclAEh_lY6OKWVllOKdQkRk


38/43

tOqV7cfcrgUJ2NKxNhH9dTA7fgzZ-cZwyr4ojyU6EnarC-bbf8g4sl6m4k5kk6Nmcsg1))/SecretFiles/Secret2.aspx

Bn cu hnh kim chng cookieless bi vic gn mt gi tr ca thnh phn form trongfile web.config. thuc tnh cookieless chp nhn mt vi thuc tnh sau:

UseCookies: lun lun s dng cookie xc thc. UseUri: Khng bao gi s dng cookie xc thc. AutoDetect: t ng pht hin s dng cookie xc thc. UseDeviceProfile: s dng profile nh r khi no s dng cookie xc thc.Mc nh l gi tr UseDeviceProfile. Bi mc nh ASP.NET Framework l mt cookiech khi no mt kiu ring ca thit b h tr cookie. ASP.NET Framework duy tr mtc s d liu ty thuc kh nng thit b trong thit lp ca cc file cha ng theong dn sau:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\BrowsersBi mc nh ASP.NET Framework khng bao gi s dng xc thc cookieless vi mttrnh duyt nh l IE. Nu bn mun ASP.NET Framework t ng pht hin trnh duyt

c h tr cookie hay khng th bn thit lp thuc tnh cookieless c gi tr lAutoDetect.

Listing 2.2M:

2.1.3 S dng s ht hn trt vi Forms AuthenticationBi mc nh Forms Authentication s dng cc hgii quyt trt ht hn, Ngi sdng khng yu cu trang trong vng 30 pht, trang s t ng ng xut.Nu bn c yu cu bo mt ng n, bn c th s dng gii php thi hn tuyt ithay cho trt thi hn. Trong trng hp ny, bn c th hiu lc mt ngi s dngng nhp li sau mt khong thi gian ring.

Listing 2.3M:


39/43

2.1.4 S dng Forms authentication ngang qua ng dng

Trong phn trc bn c hc chia s xc thc cookie qua cc ng dng khc nhautrong cng server hoc server khc nhau, trong phn ny bn s hc cch chia s xc thccookie qua nh domain.Mt cookie trnh duyt lun quan h vi domain, Vi d website Amazon khng th ccookie thit lp bi website itechpro hoc vietnamnet. Tuy nhin bn c th khm phrng bn cn chia s thng tin xc thc qua nhiu website vi nhiu domain khc nhau.Bn c th lm vic quanh vn ny bi vic truyn th xc thc trong mt chui truyvn hn l trong mt cookie Khng c g ngn cn bn truyn tham s qua cc domainkhc nhau. c th cho php trong ng cnh ny, bn phi cu hnh ng dng ca bn chp nhnth xc thc c truyn trong chui truy vn, nh v d sau:


Nu bn cu hnh nh Listing 2.4 cho php hai ng dng khc nhau nh v trn ccdomain khc nhau, hai ng dng khc nhau c th chia s th kim chng khc nhau.Khi bn lin kt hoc chuyn san trang t mt trang khc bn phi truyn th kim chngny trong chui tham s truy vn

Listing 2.5 QueryStringAuthenticate.aspxM:


40/43

void Page_Load(){

string cookieName = FormsAuthentication.FormsCookieName;string cookieValue = FormsAuthentication.GetAuthCookie(User.Identity.Name,

false).Value;lnkOtherDomain.NavigateUrl += String.Format("?{0}={1}", cookieName,cookieValue);

}

Untitled Page

2.1.5 S dng Lp FormsAuthenticationGiao tip lp trnh ng dng chnh cho tng tc vi kim chng Forms l lp

FormsAuthentication Lp ny h tr cc thuc tinh sau: CookieDomain: Tr v domain kt hp vi cookie xc thc CookieMode: Tr v kiu xc thc cookieless. C th l cc gi tr: AutoDetect,UseCookies, UseDeviceProfile, and UseUri. CookiesSupported: Tr v ng khi trnh duyt h tr cookie v xc thc Forms ccu hnh s dng cookies. DefaultUrl: Tr v URL ca trang m ngi s dng c chuyn ti sau khi ckim chng. EnableCrossAppRedirects: Tr v true khi th kim chng c th g b t chui truyvn FormsCookieName: tr v tn ca cookie xc thc

FormsCookiePath: Tr v ng dn kt hp vi cookie kim chng. LoginUrl: tr v URL ca trang m ngi s dng c chuyn ti khi s c kimchng. RequireSSL: Tr v ng khi cookie kim chng phi c truyn thng vi SSL. SlidingExpiration: Tr v True khi cookie kim chng s dng chnh sch trt quhn.Cc thuc tnh ny tr v cc thit lp cu hnh trong file web.configLp FormsAuthentication h tr cc phng thc sau:


41/43

Authenticate: Cho php bn kim tra li UserName v Password da vo mt danh schUserName v Password c lu tr trong file web.config. Decrypt: cho php bn gii m mt cookie xc thc GetAuthCookie: Cho php bn ly thng tin cookie xc thc. GetRedirectUrl: Cho php bn ly thng tin ng dn trang ban u gy ra chuyn ti

trang Login.aspx. HashPasswordForStoringInConfigFile: Cho php bn lu tr mt mt khu m n cth c lu tr trong file web.config. RedirectFromLoginPage: Cho php bn chuyn ngi s dng quay tr li trang banu c yu cu trc khi ngi s dng c chuyn ti trang Login.aspx. RedirectToLoginPage: cho php chuyn ngi s dng ti trang Login.aspx RenewTicketIfOld: Cho php bn cp nht thi gian ht hn ca cookie kim chng. SetAuthCookie: Cho php bn to v a ra mt cookie kim chng. SignOut: Cho php bn g b mt cookie kim chng v ng xut ngi s dng.Bn c th s dng cc phng thc v thuc tnh ca lp FormsAuthentication xydng ngi ng k s dng v h thng kim chng ngoi vic s dng ASP.NET

Menbership. V d Listing 2.6 cha ng mt danh sch tn s dng v mt khuListing 2.6 web6.configM:

Listing 2.6 cha ng thnh phn forms m cha ng thnh phn credentials.credentials bao gm mt danh sch UserName v Password.Ch rng thnh phn credentials cha mt thuc tnh PasswordFormatm c thit lpvi gi tr Clear, Nu bn thch lu tr mt khu trong Text hn bn c th lu tr mtkhu trong cc gi tr hash, Vi con ng th bt c ai trn webserver khng th nhnthy mt khu ca ngi khc. Trng hp 2 gi tr ca PasswordFormat c th l MD5v SHA1.

Listing 2.7 FormsLogin.aspxM:


42/43

protected void btnLogin_Click(object sender, EventArgs e)

{ if (FormsAuthentication.Authenticate(txtUserName.Text,txtPassword.Text))FormsAuthentication.RedirectFromLoginPage(txtUserName.Text,

chkRememberMe.Checked);else

lblError.Text = "Invalid user name/password";}

ng nhp h thng

Khi bn nhn vo nt Button Login, hm btnLogin_Click() c thc thi v phng thcFormsAuthentication.Authenticate() c s dng kim tra tn s dng v mt khunhp trong Textbox c trong fike web.config khng. Nu ngi s dng xc thc thnhcng th phng thc FormsAuthentication.RedirectFromLoginPage() c gi.


43/43

Phng thc RedirectFromLoginPage() lm hai vic: thm mt cookie xc thc vo trnhduyt ca ngi s dng v chuyn ngi s dng ti trang u tin b chuyn sang trangLogin.aspx. Nu ngi s dng yu cu trc tip trang Login.aspx th n s chuyn vtrang Default.aspx.Tham s th 2 truyn ti phng thc RedirectFromLoginPage() cho bit c bn c

mun s dng mt session hay mt persistent cookie hay khng. Nu bn to mtpersistent cookie th bn khng cn phi ng nhp trang web khi bn tr li trong mtthi gian sau .2.1.6 S dng lp UserBn c th s dng thuc tnh Page.User hoc HttpContext.User ly thng tin vngi s dng hin ti. Thuc tnh Page.User a ra mt i tng Principal m h trphng thc sau:IsInRole: Cho php kim tra ngi s dng c phi l mt thnh vin ca Role ring haykhng.V d Khi Windows Authentication c cho php, bn c th s dng phng thcIsInRole kim tra ngi s dng c phi l thnh vin ca nhm ring trong MS

Windows nh l nhm BUILTIN\Administrators hay khng?if (User.IsInRole(BUILTIN\Administrators)){// thc hin cng vic ca qun tr vin h iu hnh}i tng Principal ch bao gm mt thuc tnh Identity cho php bn ly thng tin vc tnh ca ngi s dng hin ti. i tng Indentity h tr ba thuc tnh sau:AuthenticationType: cho php bn xc nh ngi s dng c kim chng nh th noc th l cc gi tr: Forms, Basic, v NTLM.IsAuthenticated: cho php bn xc nh ngi s dng c c kim chng hay khng.Name: cho php ly thng tin tn ca ngi s dng.

Documents

Giao Trinh ASP Net Nang Cao