SqlMembershipProvider.ValidateUser(String, String) 方法

定义

验证 SQL Server 成员资格数据库中是否存在指定的用户名和密码。Verifies that the specified user name and password exist in the SQL Server membership database.

public:
 override bool ValidateUser(System::String ^ username, System::String ^ password);
public override bool ValidateUser (string username, string password);
override this.ValidateUser : string * string -> bool
Public Overrides Function ValidateUser (username As String, password As String) As Boolean

参数

username
String

要验证的用户的名称。The name of the user to validate.

password
String

指定的用户的密码。The password for the specified user.

返回

如果指定的用户名和密码有效,则为true ;否则为 falsetrue if the specified username and password are valid; otherwise, false. 如果数据库中没有此用户,也会返回 false 值。A value of false is also returned if the user does not exist in the database.

示例

下面的代码示例演示了配置为使用 forms 身份验证和的SqlMembershipProviderASP.NET 应用程序的登录页。The following code example shows the sign-in page for an ASP.NET application configured to use forms authentication and the SqlMembershipProvider. 如果提供的用户凭据无效,则向用户显示一条消息。If the supplied user credentials are invalid, a message is displayed to the user. 否则,使用RedirectFromLoginPage方法将用户重定向到最初请求的 URL。Otherwise, the user is redirected to the originally requested URL using the RedirectFromLoginPage method.

备注

此示例使用MembershipdefaultProvider在 web.config 文件中SqlMembershipProvider调用指定的。This example uses the Membership class to call the SqlMembershipProvider specified as the defaultProvider in the Web.config file. 如果需要以类型SqlMembershipProvider访问默认提供程序,则可以Provider强制转换Membership类的属性。If you need to access the default provider as the type SqlMembershipProvider, you can cast the Provider property of the Membership class. 若要以特定的提供程序类型访问其他已配置的提供程序,可以使用Providers Membership类的属性访问这些提供程序,并将其转换为特定的提供程序类型。To access other configured providers as a specific provider type, you can access them by their configured name with the Providers property of the Membership class and cast them as the specific provider type.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

public void Login_OnClick(object sender, EventArgs args)
{
   if (Membership.ValidateUser(UsernameTextbox.Text, PasswordTextbox.Text))
      FormsAuthentication.RedirectFromLoginPage(UsernameTextbox.Text, NotPublicCheckBox.Checked);
   else
     Msg.Text = "Login failed. Please check your user name and password and try again.";
}


</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
  <title>Login</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Login</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  Username: <asp:Textbox id="UsernameTextbox" runat="server" /><br />
  Password: <asp:Textbox id="PasswordTextbox" runat="server" TextMode="Password" /><br />
 
  <asp:Button id="LoginButton" Text="Login" OnClick="Login_OnClick" runat="server" />
  <asp:CheckBox id="NotPublicCheckBox" runat="server" /> 
  Check here if this is <span style="text-decoration:underline">not</span> a public computer.

</form>

</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

Public Sub Login_OnClick(sender As Object, args As  EventArgs)

   If (Membership.ValidateUser(UsernameTextbox.Text, PasswordTextbox.Text)) Then
      FormsAuthentication.RedirectFromLoginPage(UsernameTextbox.Text, NotPublicCheckBox.Checked)
   Else
     Msg.Text = "Login failed. Please check your user name and password and try again."
   End If

End Sub

</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
  <title>Login</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Login</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  Username: <asp:Textbox id="UsernameTextbox" runat="server" /><br />
  Password: <asp:Textbox id="PasswordTextbox" runat="server" TextMode="Password" /><br />
 
  <asp:Button id="LoginButton" Text="Login" OnClick="Login_OnClick" runat="server" />
  <asp:CheckBox id="NotPublicCheckBox" runat="server" /> 
  Check here if this is <span style="text-decoration:underline">not</span> a public computer.

</form>

</body>
</html>

注解

此方法由Membership类调用,用于验证 ASP.NET 应用程序的配置文件(web.config)中指定的 SQL Server 数据库中用户的用户信息。This method is called by the Membership class to validate user information for a user in the SQL Server database specified in the ASP.NET application's configuration file (Web.config).

成功验证用户后,最后一个活动日期和最后一个登录日期值将更新为数据库中的当前日期和时间。When a user is successfully validated, the last activity date and last sign-in date values are updated to the current date and time in the database.

如果为ValidateUser方法提供了错误密码,则跟踪无效密码尝试的内部计数器会递增1。If an incorrect password is supplied to the ValidateUser method, the internal counter that tracks invalid password attempts is incremented by one. 这可能会导致用户被锁定,并且在通过调用UnlockUser方法清除锁定状态之前无法登录。This can result in the user being locked out and unable to log on until the lock status is cleared by a call to the UnlockUser method. 如果提供了正确的密码并且用户当前未锁定,则跟踪无效密码和密码答案尝试的内部计数器将重置为零。If the correct password is supplied and the user is not currently locked out, then the internal counters that track invalid password and password-answer attempts are reset to zero. 有关详细信息,请参阅MaxInvalidPasswordAttemptsPasswordAttemptWindow属性。For more information, see the MaxInvalidPasswordAttempts and PasswordAttemptWindow properties.

将从所有参数值中去除前导空格和尾随空格。Leading and trailing spaces are trimmed from all parameter values.

适用于

另请参阅