I have used facebook to allow users to log into a site. The page that manages the login will get the users facebook id and then look on the ASP.NET membership tables for a pre-existing user that has a matching ID.
No match: a new user is created and logged in (no problem).
A match: I want to log the user on. The problem is that I have the hashed password and I cannot use MembershipService.ValidateUser(logOn.UserName, logOn.Password)
to log the user on.
If I just use FormsAuthe开发者_高级运维ntication.SetAuthCookie
, the user doesn't appear as logged in.
I could set enablePasswordRetrieval to true in the web config and then just get the actual password, but I don't want to. I want this to be secure.
Does anyone know a way to log a user onto ASP.NET Membership just using the user name? I have looked at the MembershipProvider
class for alternative methods but I cant find any.
Thanks,
Oliver
You could try FormsAuthentication.RedirectFromLoginPage
(http://msdn.microsoft.com/en-us/library/ka5ffkce.aspx), which sets the cookie (I believe,though you may have to manually set the cookie), and then redirect to the designated page to redirect from (specified in the configuration file for the auth settings). Essentially, after setting the cookie, you do have to do a redirect or postback after setting it, because it won't look like the application has enabled your authentication.
HTH.
I think you can try to create your own authentication cookie containing a custom authentication ticket.
Refer to this msdn article on how to create your own auth ticket and cookie
http://msdn.microsoft.com/en-us/library/ff649204.aspx
精彩评论