FormsAuthentication.HashPasswordForStoringInConfigFile(String, String) Método

Definición

Advertencia

Esta API está ya obsoleta.

Genera una contraseña con algoritmo hash apropiada para almacenar en un archivo de configuración basándose en la contraseña y el algoritmo hash especificados.Produces a hash password suitable for storing in a configuration file based on the specified password and hash algorithm.

public:
 static System::String ^ HashPasswordForStoringInConfigFile(System::String ^ password, System::String ^ passwordFormat);
[System.Obsolete("The recommended alternative is to use the Membership APIs, such as Membership.CreateUser. For more information, see https://go.microsoft.com/fwlink/?LinkId=252463.")]
public static string HashPasswordForStoringInConfigFile (string password, string passwordFormat);
static member HashPasswordForStoringInConfigFile : string * string -> string
Public Shared Function HashPasswordForStoringInConfigFile (password As String, passwordFormat As String) As String

Parámetros

password
String

Contraseña a la que se va a aplicar un algoritmo hash.The password to hash.

passwordFormat
String

Algoritmo hash que se va a usar.The hash algorithm to use. passwordFormat es un valor de tipo String que representa uno de los valores de la enumeración FormsAuthPasswordFormat.passwordFormat is a String that represents one of the FormsAuthPasswordFormat enumeration values.

Devoluciones

Contraseña con algoritmo hash.The hashed password.

Atributos

Excepciones

password es nullpassword is null

o bien-or- passwordFormat es null.passwordFormat is null.

passwordFormat no es un valor FormsAuthPasswordFormat válido.passwordFormat is not a valid FormsAuthPasswordFormat value.

Ejemplos

En el ejemplo de código siguiente se toma un nombre de usuario, una contraseña y un tipo hash, y se muestra la sección de credenciales de la configuración que incluye la definición de usuario y la contraseña con hash.The following code example takes a user name, password, and hash type and displays the credentials section of the configuration that includes the user definition and hashed password.

Importante

Este ejemplo contiene un cuadro de texto que acepta datos proporcionados por el usuario, que es una posible amenaza de seguridad.This example contains a text box that accepts user input, which is a potential security threat. De forma predeterminada, ASP.NET Web Pages valida que los datos proporcionados por el usuario no incluyen elementos HTML ni de script.By default, ASP.NET Web pages validate that user input does not include script or HTML elements. Para más información, consulte Información general sobre los ataques mediante scripts.For more information, see Script Exploits Overview.

<%@ Page Language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
   <head>
    <title>ASP.NET Example</title>
<script runat="server">
         void Cancel_Click(object sender, EventArgs e)
         {
            userName.Text = "";
            password.Text = "";
            repeatPassword.Text = "";
            result.Text = "";
         }
    
         void HashPassword_Click(object sender, EventArgs e)
         {
            if (Page.IsValid)
            {
               string hashMethod = "";

               if (md5.Checked)
               {
                  hashMethod = "MD5";
               }
               else
               {
                  hashMethod = "SHA1";
               }
    
               string hashedPassword =
                  FormsAuthentication.HashPasswordForStoringInConfigFile(password.Text, hashMethod);
    
               result.Text = "&lt;credentials passwordFormat=\"" + hashMethod +"\"&gt;<br />" +
                  "  &lt;user name=\"" + Server.HtmlEncode(userName.Text) + "\" password=\"" +
                  hashedPassword + "\" /&gt;<br />" + "&lt;/credentials&gt;";
            }
            else
            {
               result.Text = "There was an error on the page.";
            }
         }
      </script>
   </head>

   <body>
      <form id="form1" runat="server">
         <p>This form displays the results of the FormsAuthentication.HashPasswordForStoringInConfigFile
         method.<br />The user name and hashed password can be stored in a &lt;credentials&gt; node
         in the Web.config file.</p>
         <table cellpadding="2">
            <tbody>
               <tr>
                  <td>New User Name:</td>
                  <td><asp:TextBox id="userName" runat="server" /></td>
                  <td><asp:RequiredFieldValidator id="userNameRequiredValidator" 
                        runat="server" ErrorMessage="User name required" 
                        ControlToValidate="userName" /></td>
               </tr>
               <tr>
                  <td>Password: </td>
                  <td><asp:TextBox id="password" runat="server" TextMode="Password" /></td>
                  <td><asp:RequiredFieldValidator id="passwordRequiredValidator" 
                        runat="server" ErrorMessage="Password required" 
                        ControlToValidate="password" /></td>
               </tr>
               <tr>
                  <td>Repeat Password: </td>
                  <td><asp:TextBox id="repeatPassword" runat="server" TextMode="Password" /></td>
                  <td><asp:RequiredFieldValidator id="repeatPasswordRequiredValidator" 
                        runat="server" ErrorMessage="Password confirmation required" 
                        ControlToValidate="repeatPassword" />
                      <asp:CompareValidator id="passwordCompareValidator" runat="server" 
                        ErrorMessage="Password does not match" 
                        ControlToValidate="repeatPassword" 
                        ControlToCompare="password" /></td>
               </tr>
               <tr>
                  <td>Hash function:</td>
                  <td align="center">
                     <asp:RadioButton id="sha1" runat="server" GroupName="HashType" 
                                      Text="SHA1" />
                     <asp:RadioButton id="md5" runat="server" GroupName="HashType" 
                                      Text="MD5" />
                  </td>
               </tr>
               <tr>
                  <td align="center" colspan="2">
                    <asp:Button id="hashPassword" onclick="HashPassword_Click" 
                                runat="server" Text="Hash Password" />&nbsp;&nbsp; 
                    <asp:Button id="cancel" onclick="Cancel_Click" runat="server" 
                                Text="Cancel" CausesValidation="false" />
                  </td>
               </tr>
            </tbody>
         </table>

         <pre><asp:Label id="result" runat="server"></asp:Label></pre>
      </form>
   </body>
</html>
<%@ Page Language="VB" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
   <head>
    <title>ASP.NET Example</title>
<script runat="server">
         Sub Cancel_Click(sender As Object, e As EventArgs)
            userName.Text = ""
            password.Text = ""
            repeatPassword.Text = ""
            result.Text = ""
         End Sub
    
         Sub HashPassword_Click(sender As Object, e As EventArgs)
            If Page.IsValid Then
               Dim hashMethod As String = ""

               If md5.Checked Then
                  hashMethod = "MD5"
               Else
                  hashMethod = "SHA1"
               End If
    
               Dim hashedPassword As String = _
                  FormsAuthentication.HashPasswordForStoringInConfigFile(password.Text, hashMethod)
    
               result.Text = "&lt;credentials passwordFormat=""" & hashMethod & _
                 """&gt;<br />" & "  &lt;user name=""" & Server.HtmlEncode(userName.Text) & """ password=""" & _
                 hashedPassword & """ /&gt;<br />" & "&lt;/credentials&gt;"
            Else
               result.Text = "There was an error on the page."
            End If
         End Sub
      </script>
   </head>

   <body>
      <form id="form1" runat="server">
         <p>This form displays the results of the FormsAuthentication.HashPasswordForStoringInConfigFile
         method.<br />The user name and hashed password can be stored in a &lt;credentials&gt; node
         in the Web.config file.</p>
         <table cellpadding="2">
            <tbody>
               <tr>
                  <td>New User Name:</td>
                  <td><asp:TextBox id="userName" runat="server" /></td>
                  <td><asp:RequiredFieldValidator id="userNameRequiredValidator" 
                        runat="server" ErrorMessage="User name required" 
                        ControlToValidate="userName" /></td>
               </tr>
               <tr>
                  <td>Password: </td>
                  <td><asp:TextBox id="password" runat="server" TextMode="Password" /></td>
                  <td><asp:RequiredFieldValidator id="passwordRequiredValidator" 
                        runat="server" ErrorMessage="Password required" 
                        ControlToValidate="password" /></td>
               </tr>
               <tr>
                  <td>Repeat Password: </td>
                  <td><asp:TextBox id="repeatPassword" runat="server" TextMode="Password" /></td>
                  <td><asp:RequiredFieldValidator id="repeatPasswordRequiredValidator" 
                        runat="server" ErrorMessage="Password confirmation required" 
                        ControlToValidate="repeatPassword" />
                      <asp:CompareValidator id="passwordCompareValidator" runat="server" 
                        ErrorMessage="Password does not match" 
                        ControlToValidate="repeatPassword" 
                        ControlToCompare="password" /></td>
               </tr>
               <tr>
                  <td>Hash function:</td>
                  <td align="center">
                     <asp:RadioButton id="sha1" runat="server" GroupName="HashType" 
                                      Text="SHA1" />
                     <asp:RadioButton id="md5" runat="server" GroupName="HashType" 
                                      Text="MD5" />
                  </td>
               </tr>
               <tr>
                  <td align="center" colspan="2">
                    <asp:Button id="hashPassword" onclick="HashPassword_Click" 
                                runat="server" Text="Hash Password" />&nbsp;&nbsp; 
                    <asp:Button id="cancel" onclick="Cancel_Click" runat="server" 
                                Text="Cancel" CausesValidation="false" />
                  </td>
               </tr>
            </tbody>
         </table>

         <pre><asp:Label id="result" runat="server"></asp:Label></pre>
      </form>
   </body>
</html>

Comentarios

El método HashPasswordForStoringInConfigFile crea un valor de contraseña con hash que se puede usar al almacenar credenciales de autenticación de formularios en el archivo de configuración de una aplicación.The HashPasswordForStoringInConfigFile method creates a hashed password value that can be used when storing forms-authentication credentials in the configuration file for an application.

El método Authenticate usa las credenciales de autenticación almacenadas en el archivo de configuración de una aplicación para comprobar las contraseñas de los usuarios de una aplicación.Authentication credentials stored in the configuration file for an application are used by the Authenticate method to verify passwords for users of an application. Como alternativa, puede usar la pertenencia a ASP.NET para almacenar las credenciales de usuario.Alternatively, you can use ASP.NET membership to store user credentials. Para obtener más información, consulte administrar usuarios mediante la pertenencia.For more information, see Managing Users by Using Membership.

Se aplica a

Consulte también: