internal AuthConfig (object parent) { if (parent is AuthConfig) { has_parent = true; AuthConfig p = (AuthConfig) parent; mode = p.mode; cookieName = p.cookieName; cookiePath = p.cookiePath; loginUrl = p.loginUrl; protection = p.protection; timeout = p.timeout; pwdFormat = p.pwdFormat; #if NET_1_1 requireSSL = p.requireSSL; slidingExpiration = p.slidingExpiration; #endif #if NET_2_0 cookie_domain = p.cookie_domain; cookie_mode = p.cookie_mode; cookies_supported = p.cookies_supported; default_url = p.default_url; enable_crossapp_redirects = p.enable_crossapp_redirects; #endif credentialUsers = new Hashtable (p.CredentialUsers); } }
/// <summary> /// 为指定的字符串加密 /// </summary> /// <param name="eText">要加密的字符串</param> /// <param name="pwdFormat">用于存储密码的加密格式枚举</param> /// <returns>加密后的字符串散列码</returns> public static string Encryp(string eText, FormsAuthPasswordFormat pwdFormat) { if (string.IsNullOrEmpty(eText)) { return(null); } string pFormat = string.Empty; switch (pwdFormat) { case FormsAuthPasswordFormat.MD5: pFormat = "MD5"; break; case FormsAuthPasswordFormat.SHA1: pFormat = "SHA1"; break; case FormsAuthPasswordFormat.Clear: pFormat = "Clear"; break; default: break; } return(FormsAuthentication.HashPasswordForStoringInConfigFile(eText, pFormat)); }
internal AuthConfig(object parent) { if (parent is AuthConfig) { has_parent = true; AuthConfig p = (AuthConfig)parent; mode = p.mode; cookieName = p.cookieName; cookiePath = p.cookiePath; loginUrl = p.loginUrl; protection = p.protection; timeout = p.timeout; pwdFormat = p.pwdFormat; #if NET_1_1 requireSSL = p.requireSSL; slidingExpiration = p.slidingExpiration; #endif #if NET_2_0 cookie_domain = p.cookie_domain; cookie_mode = p.cookie_mode; cookies_supported = p.cookies_supported; default_url = p.default_url; enable_crossapp_redirects = p.enable_crossapp_redirects; #endif credentialUsers = new Hashtable(p.CredentialUsers); } }
/// <summary> /// 密码加密(Web) /// </summary> /// <param name="PasswordString">密码</param> /// <param name="format">加密格式枚举类型(Clear、MD5或SHA1)</param> /// <returns>密文</returns> public string Encrypt(string PasswordString, FormsAuthPasswordFormat format) { string password = string.Empty; if (!string.IsNullOrEmpty(PasswordString)) { password = FormsAuthentication.HashPasswordForStoringInConfigFile(PasswordString, format.ToString()); } return(password); }
internal AuthConfig (object parent) { if (parent is AuthConfig) { has_parent = true; AuthConfig p = (AuthConfig) parent; mode = p.mode; cookieName = p.cookieName; cookiePath = p.cookiePath; loginUrl = p.loginUrl; protection = p.protection; timeout = p.timeout; pwdFormat = p.pwdFormat; #if NET_1_1 requireSSL = p.requireSSL; slidingExpiration = p.slidingExpiration; #endif credentialUsers = new Hashtable (p.CredentialUsers); } }
/// <summary> /// 为指定的字符串加密 /// </summary> /// <param name="eText">要加密的字符串</param> /// <param name="pwdFormat">用于存储密码的加密格式枚举</param> /// <returns>加密后的字符串散列码</returns> public static string Encryp(string eText, FormsAuthPasswordFormat pwdFormat) { if (string.IsNullOrEmpty(eText)) return null; string pFormat = string.Empty; switch (pwdFormat) { case FormsAuthPasswordFormat.MD5: pFormat = "MD5"; break; case FormsAuthPasswordFormat.SHA1: pFormat = "SHA1"; break; case FormsAuthPasswordFormat.Clear: pFormat = "Clear"; break; default: break; } return FormsAuthentication.HashPasswordForStoringInConfigFile(eText, pFormat); }
static string HashPasswordForStoringInConfigFile(string password, FormsAuthPasswordFormat passwordFormat) { if (password == null) { throw new ArgumentNullException("password"); } byte [] bytes; switch (passwordFormat) { case FormsAuthPasswordFormat.MD5: bytes = MD5.Create().ComputeHash(Encoding.UTF8.GetBytes(password)); break; case FormsAuthPasswordFormat.SHA1: bytes = SHA1.Create().ComputeHash(Encoding.UTF8.GetBytes(password)); break; default: throw new ArgumentException("The format must be either MD5 or SHA1", "passwordFormat"); } return(MachineKeySectionUtils.GetHexString(bytes)); }
public string Forms_HashPassword(string password, FormsAuthPasswordFormat format) { return FormsAuthentication.HashPasswordForStoringInConfigFile(password, format.ToString()); }
public MD5Hasher(FormsAuthPasswordFormat format) { Format = format; }
internal AuthenticationConfig(AuthenticationConfig parent, XmlNode section) { if (parent != null) { _CookieName = parent.CookieName; _LoginUrl = parent.LoginUrl; _PasswordFormat = parent.PasswordFormat; _Credentials = (Hashtable)parent.Credentials.Clone(); _Mode = parent.Mode; _PassportUrl = parent.PassportUrl; _Protection = parent.Protection; _FormsCookiePath = parent.FormsCookiePath; _Timeout = parent.Timeout; _RequireSSL = parent.RequireSSL; _SlidingExpiration = parent.SlidingExpiration; } else { _Credentials = new Hashtable(); } //////////////////////////////////////////////////////////// // Step 1: Read the mode int iMode = 0; XmlNode attribute = HandlerBase.GetAndRemoveEnumAttribute(section, "mode", typeof(AuthenticationMode), ref iMode); if (attribute != null) { _Mode = (AuthenticationMode)iMode; if (_Mode == AuthenticationMode.Passport && UnsafeNativeMethods.PassportVersion() < 0) { throw new ConfigurationException( HttpRuntime.FormatResourceString(SR.Passport_not_installed), attribute); } } HandlerBase.CheckForUnrecognizedAttributes(section); //////////////////////////////////////////////////////////// // Step 2: Read children nodes foreach (XmlNode child in section.ChildNodes) { if (child.NodeType != XmlNodeType.Element) { continue; } if (child.Name == "forms") { ReadFormsSettings(child); } else if (child.Name == "passport") { attribute = child.Attributes.RemoveNamedItem("redirectUrl"); if (attribute != null) { _PassportUrl = attribute.Value; if (_PassportUrl.StartsWith("\\\\") || (_PassportUrl.Length > 1 && _PassportUrl[1] == ':')) { throw new ConfigurationException( HttpRuntime.FormatResourceString(SR.Auth_bad_url), attribute); } } HandlerBase.CheckForUnrecognizedAttributes(child); HandlerBase.CheckForChildNodes(child); } else { throw new ConfigurationException( HttpRuntime.FormatResourceString(SR.Auth_unrecognized_tag, child.Name), child); } } }
private void ReadFormsSettings(XmlNode node) { XmlNode tempAttr = HandlerBase.GetAndRemoveNonEmptyStringAttribute(node, "name", ref _CookieName); //Trace("FormsAuthConfigSettings::ReadSettings cookie name " + _CookieName); tempAttr = HandlerBase.GetAndRemoveNonEmptyStringAttribute(node, "loginUrl", ref _LoginUrl); if (tempAttr != null) { if (_LoginUrl.StartsWith("\\\\") || (_LoginUrl.Length > 1 && _LoginUrl[1] == ':')) { throw new ConfigurationException( HttpRuntime.FormatResourceString(SR.Auth_bad_url), tempAttr); } } //Trace("FormsAuthConfigSettings::ReadSettings login url " + _LoginUrl); int iTemp = 0; tempAttr = HandlerBase.GetAndRemoveEnumAttribute(node, "protection", typeof(FormsProtectionEnum), ref iTemp); if (tempAttr != null) { _Protection = (FormsProtectionEnum)iTemp; } tempAttr = HandlerBase.GetAndRemovePositiveIntegerAttribute(node, "timeout", ref _Timeout); tempAttr = HandlerBase.GetAndRemoveNonEmptyStringAttribute(node, "path", ref _FormsCookiePath); HandlerBase.GetAndRemoveBooleanAttribute(node, "requireSSL", ref _RequireSSL); HandlerBase.GetAndRemoveBooleanAttribute(node, "slidingExpiration", ref _SlidingExpiration); HandlerBase.CheckForUnrecognizedAttributes(node); foreach (XmlNode child in node.ChildNodes) { if (child.NodeType != XmlNodeType.Element) { continue; } if (child.Name != "credentials") { HandlerBase.ThrowUnrecognizedElement(child); } tempAttr = HandlerBase.GetAndRemoveEnumAttribute(child, "passwordFormat", typeof(FormsAuthPasswordFormat), ref iTemp); if (tempAttr != null) { _PasswordFormat = (FormsAuthPasswordFormat)iTemp; //Trace("FormsAuthConfigSettings::ReadSettings password format " + strTemp); } HandlerBase.CheckForUnrecognizedAttributes(child); foreach (XmlNode child2 in child.ChildNodes) { if (child2.NodeType != XmlNodeType.Element) { continue; } if (child2.Name != "user") { HandlerBase.ThrowUnrecognizedElement(child2); } string strUser = null; string strPass = null; tempAttr = HandlerBase.GetAndRemoveRequiredStringAttribute(child2, "name", ref strUser); HandlerBase.GetAndRemoveRequiredStringAttribute(child2, "password", ref strPass); HandlerBase.CheckForUnrecognizedAttributes(child2); HandlerBase.CheckForChildNodes(child2); //Trace("FormsAuthConfigSettings::ReadSettings adding user " + strUser + " " + strPass); strUser = strUser.ToLower(CultureInfo.InvariantCulture); String strPassInTable = (String)_Credentials[strUser]; if (strPassInTable == null) { _Credentials.Add(strUser, strPass); } else { if (String.Compare(strPassInTable, strPass, false, CultureInfo.InvariantCulture) != 0) { throw new ConfigurationException( HttpRuntime.FormatResourceString(SR.User_Already_Specified, strUser), tempAttr); } } } } }
public string Forms_HashPassword(string password, FormsAuthPasswordFormat format) { return(FormsAuthentication.HashPasswordForStoringInConfigFile(password, format.ToString())); }
public IdentityPasswordHasher() { FormsAuthPasswordFormat = FormsAuthPasswordFormat.Clear; }
public override void Initialize(string name, System.Collections.Specialized.NameValueCollection config) { base.Initialize(name, config); _passwordFormat = getPasswordFormat(); }
public override void Initialize(string name, System.Collections.Specialized.NameValueCollection config) { base.Initialize(name, config); _passwordFormat = GetPasswordFormat(); }
public PasswordHasherHelper(FormsAuthPasswordFormat format) { FormsAuthPasswordFormat = format; }
public static void Main() { // <Snippet1> // Get the Web application configuration. System.Configuration.Configuration configuration = WebConfigurationManager.OpenWebConfiguration("/aspnetTest"); // Get the authentication section. AuthenticationSection authenticationSection = (AuthenticationSection)configuration.GetSection( "system.web/authentication"); // Get the forms credentials collection . FormsAuthenticationCredentials formsAuthenticationCredentials = authenticationSection.Forms.Credentials; // </Snippet1> // <Snippet2> // Create a new FormsAuthenticationCredentials object. FormsAuthenticationCredentials newformsAuthenticationCredentials = new FormsAuthenticationCredentials(); // </Snippet2> // <Snippet3> // Get the current PasswordFormat property value. FormsAuthPasswordFormat currentPasswordFormat = formsAuthenticationCredentials.PasswordFormat; // Set the PasswordFormat property value. formsAuthenticationCredentials.PasswordFormat = FormsAuthPasswordFormat.SHA1; // </Snippet3> // <Snippet4> // Create a new FormsAuthenticationUserCollection object. FormsAuthenticationUserCollection newformsAuthenticationUser = new FormsAuthenticationUserCollection(); // </Snippet4> // <Snippet5> // Display all credentials collection elements. StringBuilder credentials = new StringBuilder(); for (System.Int32 i = 0; i < formsAuthenticationCredentials.Users.Count; i++) { credentials.Append("User: "******"Password: "******"5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8"; // Define the user name. string userName = "******"; // Create the new user. FormsAuthenticationUser currentUser = new FormsAuthenticationUser(userName, password); // Execute the Add method. formsAuthenticationCredentials.Users.Add(currentUser); // Update if not locked if (!authenticationSection.SectionInformation.IsLocked) { configuration.Save(); } // </Snippet6> // <Snippet7> // Using method Clear. formsAuthenticationCredentials.Users.Clear(); // Update if not locked if (!authenticationSection.SectionInformation.IsLocked) { configuration.Save(); } // </Snippet7> // <Snippet9> // Using method Remove. // Execute the Remove method. formsAuthenticationCredentials.Users.Remove("userName"); // Update if not locked if (!authenticationSection.SectionInformation.IsLocked) { configuration.Save(); } // </Snippet9> // <Snippet10> // Using method RemoveAt. formsAuthenticationCredentials.Users.RemoveAt(0); if (!authenticationSection.SectionInformation.IsLocked) { configuration.Save(); } // </Snippet10> // <Snippet11> // Using method Set. // Define the SHA1 encrypted password. string newPassword = "******"; // Define the user name. string currentUserName = "******"; // Create the new user. FormsAuthenticationUser theUser = new FormsAuthenticationUser(currentUserName, newPassword); formsAuthenticationCredentials.Users.Set(theUser); if (!authenticationSection.SectionInformation.IsLocked) { configuration.Save(); } // </Snippet11> // <Snippet12> // Get the user with the specified name. FormsAuthenticationUser storedUser = formsAuthenticationCredentials.Users.Get("userName"); // </Snippet12> // <Snippet13> // Get the user at the specified index. FormsAuthenticationUser storedUser2 = formsAuthenticationCredentials.Users.Get(0); // </Snippet13> // <Snippet14> // Get the key at the specified index. string thisKey = formsAuthenticationCredentials.Users.GetKey(0).ToString(); // </Snippet14> // <Snippet15> // Get the user element at the specified index. FormsAuthenticationUser storedUser3 = formsAuthenticationCredentials.Users[0]; // </Snippet15> // <Snippet16> // Get the user element with the specified name. FormsAuthenticationUser storedUser4 = formsAuthenticationCredentials.Users["userName"]; // </Snippet16> // <Snippet17> // Get the collection keys. object [] keys = formsAuthenticationCredentials.Users.AllKeys; // </Snippet17> }
static string HashPasswordForStoringInConfigFile (string password, FormsAuthPasswordFormat passwordFormat) { if (password == null) throw new ArgumentNullException ("password"); byte [] bytes; switch (passwordFormat) { case FormsAuthPasswordFormat.MD5: bytes = MD5.Create ().ComputeHash (Encoding.UTF8.GetBytes (password)); break; case FormsAuthPasswordFormat.SHA1: bytes = SHA1.Create ().ComputeHash (Encoding.UTF8.GetBytes (password)); break; default: throw new ArgumentException ("The format must be either MD5 or SHA1", "passwordFormat"); } return MachineKeySectionUtils.GetHexString (bytes); }