图3 Config.web文件
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<!-- SECURITY
This section sets the security policies of the application.
Possible modes are "Windows", "Cookie",
"Passport" and "None"
-->
<!-- Use Cookie Authentication for external users -->
<security>
<authentication mode="Cookie">
<cookie cookie=".PRODAUTH" loginurl="https://
beta.visualstudio.net/Login.aspx"
decryptionkey="autogenerate">
<credentials passWordformat="Clear" />
</cookie>
</authentication>
<authorization>
<allow users="*" />
</authorization>
</security>
</configuration>
图4 认证代码
Public Sub cmdSubmit_Click(ByVal sender As Object, ByVal e As _
System.EventArgs)
Dim sUserID As String
Dim sPassword As String
Dim sAuthCookie As String
'External user, take the values from the Login form
sUserid = system.Convert.ToString(Me.txtUserID.Value)
sPassword = system.Convert.ToString(Me.txtPassword.Value)
adoRS = oBetaUser.LoginEx(sUserID, sPassword)
If adoRS.recordcount = 1 Then
'login success - get a session
adoRS = osSession.GetNewSession _
(adoRS("BetaSiteID").Value.ToString().ToInt32())
If Not adoRS Is Nothing Then
If adoRS.Recordcount > 0 Then
adoRS.movefirst()
'Set the authentication cookie using the SID
sAuthCookie = adoRS("SID").Value.ToString()
'use ASP+ authentication to authenticate the user,
If Instr(CookieAuthentication.GetRedirectUrl _
(sAuthCookie, True), "default.aspx") > 0 Then
CookieAuthentication.SetAuthCookie(sAuthCookie, True)
Response.Redirect(system.Convert.ToString( _
oSiteUser.GlobalPath) & "Home.aspx")
Else
CookieAuthentication.RedirectFromLoginPage( _
sAuthCookie, True)
End If
Else
'login failed
Response.Redirect("LoginFailed.aspx")
End If
Else
'login failed
Response.Redirect("LoginFailed.aspx")
End If
Else
'login failed
Response.Redirect("LoginFailed.aspx")
End If
End Sub