转帖:ASP.NET中密码保护
你的主页或者你管理的网站有各种密码需要保护,把密码直接放在数据库或者文件中存在不少安全隐患,所以密码加密后存储是最常见的做法。在ASP.NET中实现加密非常容易。.NET SDK中提供了CookieAuthentication类,其中的HashPasswordForStoringInConfigFile方法可直接使用MD5和SHA1算法。例子如下:
file: encrypting.aspx
<%@ Page language="c#" Codebehind="encrypting.cs" AutoEventWireup="false" Inherits="encrypting.encrypting" %>
<html><head>
<meta name="GENERATOR" Content="Microsoft Visual Studio 7.0">
<meta name="CODE_LANGUAGE" Content="C#"></head>
<body> <form method="post" runat="server">
<p> </p>
<p>
<asp:TextBox id=TextBox1 runat="server"></asp:TextBox>
<asp:Button id=Button1 runat="server" Text="encrypting"></asp:Button></p>
<p>Encrypting Password(MD5):
<asp:Label id=MD5 runat="server"></asp:Label></p>
</form> </body></html>file:encrypting.csnamespace encrypting
{
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Web.Security;
/// <summary>
/// Summary description for encrypting.
/// </summary>
public class encrypting : System.Web.UI.Page
{
protected System.Web.UI.WebControls.Label MD5;
protected System.Web.UI.WebControls.Button Button1;
protected System.Web.UI.WebControls.TextBox TextBox1;public encrypting()
{
Page.Init += new System.EventHandler(Page_Init);
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
//
// Evals true first time browser hits the page
//
}
}
protected void Page_Init(object sender, EventArgs e)
{
//
// CODEGEN: This call is required by the ASP+ Windows Form Designer.
//
InitializeComponent();
}
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
Button1.Click += new System.EventHandler (this.Button1_Click);
this.Load += new System.EventHandler (this.Page_Load);
}
public void Button1_Click (object sender, System.EventArgs e)
{
MD5.Text = CookieAuthentication.HashPasswordForStoringInConfigFile(TextBox1.Text,"MD5");
//SHA1 use CookieAuthentication.HashPasswordForStoringInConfigFile(TextBox1.Text,"SHA1");
}
}
}
注意:类CookieAuthentication的namespace是System.Web.Security。
你的主页或者你管理的网站有各种密码需要保护,把密码直接放在数据库或者文件中存在不少安全隐患,所以密码加密后存储是最常见的做法。在ASP.NET中实现加密非常容易。.NET SDK中提供了CookieAuthentication类,其中的HashPasswordForStoringInConfigFile方法可直接使用MD5和SHA1算法。例子如下:
file: encrypting.aspx
<%@ Page language="c#" Codebehind="encrypting.cs" AutoEventWireup="false" Inherits="encrypting.encrypting" %>
<html><head>
<meta name="GENERATOR" Content="Microsoft Visual Studio 7.0">
<meta name="CODE_LANGUAGE" Content="C#"></head>
<body> <form method="post" runat="server">
<p> </p>
<p>
<asp:TextBox id=TextBox1 runat="server"></asp:TextBox>
<asp:Button id=Button1 runat="server" Text="encrypting"></asp:Button></p>
<p>Encrypting Password(MD5):
<asp:Label id=MD5 runat="server"></asp:Label></p>
</form> </body></html>file:encrypting.csnamespace encrypting
{
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Web.Security;
/// <summary>
/// Summary description for encrypting.
/// </summary>
public class encrypting : System.Web.UI.Page
{
protected System.Web.UI.WebControls.Label MD5;
protected System.Web.UI.WebControls.Button Button1;
protected System.Web.UI.WebControls.TextBox TextBox1;public encrypting()
{
Page.Init += new System.EventHandler(Page_Init);
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
//
// Evals true first time browser hits the page
//
}
}
protected void Page_Init(object sender, EventArgs e)
{
//
// CODEGEN: This call is required by the ASP+ Windows Form Designer.
//
InitializeComponent();
}
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
Button1.Click += new System.EventHandler (this.Button1_Click);
this.Load += new System.EventHandler (this.Page_Load);
}
public void Button1_Click (object sender, System.EventArgs e)
{
MD5.Text = CookieAuthentication.HashPasswordForStoringInConfigFile(TextBox1.Text,"MD5");
//SHA1 use CookieAuthentication.HashPasswordForStoringInConfigFile(TextBox1.Text,"SHA1");
}
}
}
注意:类CookieAuthentication的namespace是System.Web.Security。
解决方案 »
- linq问题(弱弱的问)
- 求网页嵌入flash代码,顺便求解为什么我的这个放不出来
- session的问题(全基本问题,因为我是新手)
- 在GridView1_RowCommand事件里能获得选种行项的值吗?
- @@@@@@@@@@datagrid帮定的字段,如果在数据库为空,如何取值@@@@@@@@@@
- 急急急!!!!DataGrid传递id的错误!
- 关于◆本周热门◆点击数在周一置零的问题==========================在线等,解决结帐
- 用户控件不可用的问题
- 接口实现接口的准则
- 我写了几个存储过程来操作20000多条记录的数据库表,在一台服务器上运行3到4次速度还好,但是以后运行就非常慢了为什么?系统(winnt+sql
- 大家帮忙,看看啦
- ASP.NET在WIN2000的IIS下的问题
//SHA1 use CookieAuthentication.HashPasswordForStoringInConfigFile(TextBox1.Text,"SHA1");
这样就行了,单向的,不能反的
<%@ import Namespace="System.Web.Security" %>
<script language="VB" runat="server" >
Sub Page_Load(Src As Object, E As EventArgs)
dim aa as string = "123"
dim bb as string
bb = CookieAuthentication.HashPasswordForStoringInConfigFile(aa,"MD5")
response.write(bb)
End Sub
</script>
right?