问题
The situation is this:
We have several (19) sites that are currently configured to share a single ASP Membership database using different applicationNames, such as:
<membership defaultProvider="Site1Membership">
<providers>
<add
applicationName="/site1"
name="Site1Membership" />
<add
applicationName="/site2"
name="Site2Membership" />
</providers>
</membership>
My question is if there are multiple providers defined in web.config, can a user login via other than the default provider?
In the given configuration, obviously a user stored in the default provider with an applicationName of "/site1" would be able to login, but we would like a user in the repository with an applicationName of "/site2" to also be able to login.
We've tried prefacing the username with both the provider name and applicationName at login, such as:
site2:username or site2Membership:username
Neither appears to work.
The end goal is that although we want the 19 sites to have seperate users and security (i.e. site 1 users cannot login to site 2), we want a 20th site where users from all the sites can login and collaborate without needing a second username/password.
回答1:
It is possible to do however you have to write some custom code. In short, you need a way of determine to which group of users the given login belongs: an app specific user or a "global" user. I have handled this by requiring global users prefix their login with something like "G\" or "MyCompany\" whereas normal users are not required to do this.
The authentication aspect is actually quite easy. In the Click event of your login button or the OnAuthenticate method of the LoginControl, you simply need to detect the user and match them to the correct membership provider name.
MembershipProvider provider;
if ( username.Text.StartsWith("G\") then
provider = Membership.Providers["GlobalProvider"];
else
provider = Membership.Providers["StandardProvider"];
if ( provider.ValidateUser( ...
Where it gets complicated is the roles. The SqlRoleProvider is not designed to handle multiple applications using the same user store. You have to alter the procedures used by the SqlRoleProvider so that it will honor the application of the MembershipProvider instead of its default nature which is to only use the application of the RoleProvider. In addition, you'll need to ensure that the global users are automatically added to some role when they login.
来源:https://stackoverflow.com/questions/3470198/with-asp-net-membership-can-a-multiple-membership-providers-be-used-for-login-t