System.Web.Security 命名空间

System.Web.Security 命名空间包含用于在 Web 服务器应用程序中实现 ASP.NET 安全性的类。 The System.Web.Security namespace contains classes that are used to implement ASP.NET security in Web server applications.

ActiveDirectoryMembershipProvider

为 Active Directory 和 Active Directory 应用程序模式服务器中的 ASP.NET 应用程序管理成员资格信息的存储。Manages storage of membership information for an ASP.NET application in Active Directory and Active Directory Application Mode servers.

ActiveDirectoryMembershipUser

公开和更新 Active Directory 数据存储区中存储的成员资格用户信息。Exposes and updates membership user information stored in an Active Directory data store.

AnonymousIdentificationEventArgs

提供 AnonymousIdentification_Creating 事件的数据。Provides data for the AnonymousIdentification_Creating event. 此类不能被继承。This class cannot be inherited.

AnonymousIdentificationModule

管理 ASP.NET 应用程序的匿名标识符。Manages anonymous identifiers for the ASP.NET application.

AuthorizationStoreRoleProvider

在 XML 文件中、Active Directory 中或 Active Directory 应用程序模式服务器上管理 ASP.NET 应用程序的角色成员资格信息在授权管理器策略存储区中的存储。Manages storage of role-membership information for an ASP.NET application in an authorization-manager policy store, either in an XML file, in an Active Directory, or on an Active Directory Application Mode server.

DefaultAuthenticationEventArgs

为 DefaultAuthentication_OnAuthenticate 事件提供数据。Provides data for the DefaultAuthentication_OnAuthenticate event. 此类不能被继承。This class cannot be inherited.

DefaultAuthenticationModule

确保上下文中存在身份验证对象。Ensures that an authentication object is present in the context. 此类不能被继承。This class cannot be inherited.

FileAuthorizationModule

验证远程用户是否具有访问所请求的文件的权限。Verifies that the user has permission to access the file requested. 此类不能被继承。This class cannot be inherited.

FormsAuthentication

为 Web 应用程序管理 Forms 身份验证服务。Manages forms-authentication services for Web applications. 此类不能被继承。This class cannot be inherited.

FormsAuthenticationEventArgs

为 FormsAuthentication_OnAuthenticate 事件提供数据。Provides data for the FormsAuthentication_OnAuthenticate event. 此类不能被继承。This class cannot be inherited.

FormsAuthenticationModule

启用 Forms 身份验证的情况下设置 ASP.NET 应用程序用户的标识。Sets the identity of the user for an ASP.NET application when forms authentication is enabled. 此类不能被继承。This class cannot be inherited.

FormsAuthenticationTicket

提供对票证的属性和值的访问,这些票证用于 Forms 身份验证对用户进行标识。Provides access to properties and values of the ticket used with forms authentication to identify users. 此类不能被继承。This class cannot be inherited.

FormsIdentity

表示一个使用 Forms 身份验证进行了身份验证的用户标识。Represents a user identity authenticated using forms authentication. 此类不能被继承。This class cannot be inherited.

MachineKey

提供一种使用与 ASP.NET 窗体身份验证和视图状态所用相同的算法和密钥值对数据进行加密或哈希处理(或两者)的方法。Provides a way to encrypt or hash data (or both) by using the same algorithms and key values that are used for ASP.NET forms authentication and view state.

Membership

验证用户凭据并管理用户设置。Validates user credentials and manages user settings. 此类不能被继承。This class cannot be inherited.

MembershipCreateUserException

当成员资格提供程序未能成功创建用户时引发的异常。The exception that is thrown when a user is not successfully created by a membership provider.

MembershipPasswordAttribute

验证密码字段是否满足成员资格提供程序的当前密码要求。Validates whether a password field meets the current password requirements for the membership provider.

MembershipPasswordException

当无法从密码存储区检索密码时引发的异常。The exception that is thrown when a password cannot be retrieved from the password store.

MembershipProvider

定义 ASP.NET 为使用自定义成员资格提供程序提供成员资格服务而实现的协定。Defines the contract that ASP.NET implements to provide membership services using custom membership providers.

MembershipProviderCollection

继承 MembershipProvider 抽象类的对象的集合。A collection of objects that inherit the MembershipProvider abstract class.

MembershipUser

公开和更新成员资格数据存储区中的成员资格用户信息。Exposes and updates membership user information in the membership data store.

MembershipUserCollection

MembershipUser 对象的集合。A collection of MembershipUser objects.

PassportAuthenticationEventArgs

Authenticate 传递到 PassportAuthenticationModule 事件的事件参数。The event argument passed to the Authenticate event by a PassportAuthenticationModule. 由于此处已存在一个标识,因此这主要用于使用已提供的标识将自定义 IPrincipal 对象附加到上下文。Since there is already an identity at this point, this is useful mainly for attaching a custom IPrincipal object to the context using the supplied identity. 此类已弃用。This class is deprecated.

PassportAuthenticationModule

提供围绕 Passport 身份验证服务的包装。Provides a wrapper around Passport Authentication services. 此类不能被继承。This class cannot be inherited. 此类已弃用。This class is deprecated.

PassportIdentity

提供要由 PassportAuthenticationModule 使用的类。Provides a class to be used by PassportAuthenticationModule. 它为应用程序提供了一种访问 Ticket(String) 方法的途径。It provides a way for an application to access the Ticket(String) method. 此类不能被继承。This class cannot be inherited. 此类已弃用。This class is deprecated.

PassportPrincipal

表示一个经过 Passport 身份验证的主体。Represents a Passport-authenticated principal. 此类已弃用。This class is deprecated.

RoleManagerEventArgs

GetRoles 类的 RoleManagerModule 事件提供事件数据。Provides event data for the GetRoles event of the RoleManagerModule class.

RoleManagerModule

管理当前用户的 RolePrincipal 实例。Manages a RolePrincipal instance for the current user. 此类不能被继承。This class cannot be inherited.

RolePrincipal

表示当前 HTTP 请求的安全信息,包括角色成员资格。Represents security information for the current HTTP request, including role membership. 此类不能被继承。This class cannot be inherited.

RoleProvider

定义 ASP.NET 为使用自定义角色提供程序提供角色管理服务而实现的协定。Defines the contract that ASP.NET implements to provide role-management services using custom role providers.

RoleProviderCollection

继承 RoleProvider 抽象类的对象的集合。A collection of objects that inherit the RoleProvider abstract class.

Roles

管理角色中的用户成员资格,以便在 ASP.NET 应用程序中进行授权检查。Manages user membership in roles for authorization checking in an ASP.NET application. 此类不能被继承。This class cannot be inherited.

SqlMembershipProvider

管理 SQL Server 数据库中 ASP.NET 应用程序的成员资格信息存储。Manages storage of membership information for an ASP.NET application in a SQL Server database.

SqlRoleProvider

对 ASP.NET 应用程序的角色成员资格信息在 SQL Server 数据库中的存储进行管理。Manages storage of role membership information for an ASP.NET application in a SQL Server database.

UrlAuthorizationModule

验证用户具有访问所请求的 URL 的权限。Verifies that the user has permission to access the URL requested. 此类不能被继承。This class cannot be inherited.

ValidatePasswordEventArgs

ValidatingPassword 类的 MembershipProvider 事件提供事件数据。Provides event data for the ValidatingPassword event of the MembershipProvider class.

WindowsAuthenticationEventArgs

为 WindowsAuthentication_OnAuthenticate 事件提供数据。Provides data for the WindowsAuthentication_OnAuthenticate event. 此类不能被继承。This class cannot be inherited.

WindowsAuthenticationModule

启用 Windows 身份验证的情况下设置 ASP.NET 应用程序用户的标识。Sets the identity of the user for an ASP.NET application when Windows authentication is enabled. 此类不能被继承。This class cannot be inherited.

WindowsTokenRoleProvider

通过 Windows 组成员资格获取 ASP.NET 应用程序的角色信息。Gets role information for an ASP.NET application from Windows group membership.

枚举

ActiveDirectoryConnectionProtection

指定 ActiveDirectoryMembershipProvider 类所支持的连接保护选项。Specifies the connection protection options supported by the ActiveDirectoryMembershipProvider class.

CookieProtection

描述 Cookie 中信息的保护方式。Describes how information in a cookie is protected.

MachineKeyProtection

指定值,这些值指示应该对数据进行加密还是解密,应该追加还是验证基于哈希的消息验证代码 (HMAC),或者两个操作都执行。Specifies values that indicates whether data should be encrypted or decrypted, whether a hash-based message authentication code (HMAC) should be appended or validated, or both.

MembershipCreateStatus

描述 CreateUser(String, String) 操作的结果。Describes the result of a CreateUser(String, String) operation.

MembershipPasswordFormat

描述用于存储成员身份用户密码的加密格式。Describes the encryption format for storing passwords for membership users.

委托

AnonymousIdentificationEventHandler

表示处理 AnonymousIdentificationModuleAnonymousIdentification_Creating 事件的方法。Represents the method that handles the AnonymousIdentification_Creating event of a AnonymousIdentificationModule.

DefaultAuthenticationEventHandler

表示处理 DefaultAuthenticationModule 的 DefaultAuthentication_OnAuthenticate 事件的方法。Represents the method that handles the DefaultAuthentication_OnAuthenticate event of a DefaultAuthenticationModule.

FormsAuthenticationEventHandler

表示处理 FormsAuthenticationModuleFormsAuthentication_OnAuthenticate 事件的方法。Represents the method that handles the FormsAuthentication_OnAuthenticate event of a FormsAuthenticationModule.

MembershipValidatePasswordEventHandler

表示将处理 MembershipProvider 类的 ValidatingPassword 事件的方法。Represents the method that will handle the ValidatingPassword event of the MembershipProvider class.

PassportAuthenticationEventHandler

表示处理 PassportAuthenticationModulePassportAuthentication_OnAuthenticate 事件的方法。Represents the method that handles the PassportAuthentication_OnAuthenticate event of a PassportAuthenticationModule. 此类已弃用。This class is deprecated.

RoleManagerEventHandler

GetRoles 类的 RoleManagerModule 事件定义委托。Defines the delegate for the GetRoles event of the RoleManagerModule class.

WindowsAuthenticationEventHandler

表示处理 WindowsAuthenticationModuleWindowsAuthentication_OnAuthenticate 事件的方法。Represents the method that handles the WindowsAuthentication_OnAuthenticate event of a WindowsAuthenticationModule.

注解

Membership类由 ASP.NET 应用程序验证用户凭据和管理用户设置,如密码和电子邮件地址。The Membership class is used by ASP.NET applications to validate user credentials and manage user settings such as passwords and email addresses. Roles类使您能够管理授权基于分配到 Web 应用程序中的角色的用户组应用程序。The Roles class enables you to manage authorization for your application based on groups of users assigned to roles in the Web application.

这两个Membership类和Roles类都使用提供程序,访问应用程序的数据存储区检索成员资格和角色信息的类。Both the Membership class and the Roles class work with providers, classes that access your application's data store to retrieve membership and role information. 成员资格和角色的信息可以存储在 Microsoft SQL Server 数据库中使用SqlMembershipProviderSqlRoleProvider类; 在 Active Directory 使用ActiveDirectoryMembershipProviderAuthorizationStoreRoleProvider类,或自定义数据源中使用的实现MembershipProviderRoleProvider类。Membership and role information can be stored in a Microsoft SQL Server database using the SqlMembershipProvider and SqlRoleProvider classes; in an Active Directory using the ActiveDirectoryMembershipProvider and AuthorizationStoreRoleProvider classes, or in a custom data source using implementations of the MembershipProvider and RoleProvider classes.

配置使用 ASP.NET 成员资格membership 元素 (ASP.NET 设置架构)You configure ASP.NET membership using the membership Element (ASP.NET Settings Schema). 访问使用成员身份的应用程序时,ASP.NET 创建的实例Membership可以使用查询成员身份信息的类。When an application using membership is accessed, ASP.NET creates an instance of the Membership class that you can use to query membership information. 特定于提供程序的实现MembershipUser类包含有关用户访问页面的信息。Provider-specific implementations of the MembershipUser class contain information about the user accessing the page. 您可以创建的自定义实现MembershipUser应用程序类。You can create custom implementations of the MembershipUser class for your application.

配置使用 ASP.NET 角色roleManager 元素 (ASP.NET 设置架构)You configure ASP.NET roles using the roleManager Element (ASP.NET Settings Schema). ASP.NET 创建的实例Roles类,其中包含当前用户的角色成员身份信息。ASP.NET creates an instance of the Roles class that contains information about the role membership of the current user.

ASP.NET 提供了与之交互的服务器控件Membership类和Roles类。ASP.NET provides server controls that interact with the Membership class and the Roles class. LoginCreateUserWizard,并ChangePassword控件与配合Membership类来简化创建经过身份验证的 Web 应用程序,和LoginView控件使用特定于角色的模板来为特定的组自定义 Web 页用户。The Login, CreateUserWizard, and ChangePassword controls work with the Membership class to simplify creating an authenticated Web application, and the LoginView control uses role-specific templates to customize Web pages for specific groups of users.

另请参阅