开发者

ASP.NET site auto-login during development

开发者 https://www.devze.com 2023-03-04 23:14 出处:网络
While developing an ASP.NET site, is the a way to setup automatic login? For example, each time I build the site and run it, I have to login again.I don\'t want to disable security entirely, but I wo

While developing an ASP.NET site, is the a way to setup automatic login?

For example, each time I build the site and run it, I have to login again. I don't want to disable security entirely, but I woul开发者_如何学JAVAd like to automate the process of logging in while I'm working on the site.


Just keep your browser open and Ctrl+F5 after you modify and/or recompile in Visual Studio. This will keep the authentication cookie.

Another possibility is to setup an automatic login page in which you would test whether you are in Debug mode and force a Login by using FormsAuthentication.RedirectFromLoginPage("someusername", false);. Then you could instruct Visual Studio to always run the web site at this url:

protected void Page_Load(object sender, EventArgs e)
{
    #if DEBUG
    FormsAuthentication.RedirectFromLoginPage("someusername", false);
    #endif
}

Ideally this page should be excluded from the build process and never shipped.


As pointed out in the comments section by @Mufasa if your site uses Session you might need to use out of process mode (StateServer or SqlServer) instead of InProc because when you recompile the application domain will be reloaded and everything stored in memory lost.


Use Windows Integrated Authentication for your debugging, and Forms Authentication for your production code?

If this is an option, you could have multiple web.config files for your different environments - see question How do you handle multiple web.config files for multiple environments?.

We are also looking into having multiple web.configs for our different environments. One idea we have (that we haven't looked into in detail) it to use T4 code generation (part of Visual Studio) to generate the web.config as part of the build process.


This may or may not work given how intricate your security requirements are, but you could potentially have an alternate login page that uses integrated (NTLM or Kerberos) authentication and have your windows credentials flow through to the site automatically.

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号