Android與IIS身份驗證——Form驗證 – Android移動開發技術文章_手機開發 Android移動開發教學課程

內容摘要

  前言

  設計思路

  ASP.NET服務器端

  Android客戶端

  運行結果

        

  上篇《Android與IIS身份驗證——基本驗證》實現瞭Android客戶端與IIS的簡單驗證。而這種驗證方式雖然使用起來比較簡單,但是也有很多缺點。如,安全性較差,賬號密碼設置不靈活。讓我們回顧一下ASP.NET的身份驗證方式:Windows、Form和Passport。這三種驗證方式中,Form身份驗證方式最經常使用,因為它有很多優越性,其優點我就不一一介紹瞭。那麼,怎樣實現Android客戶端與IIS的Form身份驗證呢?我整理瞭一下,需要以下幾個步驟:


   一、設計思路

   Android客戶端訪問IIS服務器時,當沒有登陸時,ASP.NET通過Form集成驗證方法會返回一個登陸頁面。然後輸入正確的用戶名和密碼,就可以進入主程序瞭。流程如圖1.1所示。

 

圖1.1

 

  在Android客戶端訪問以IIS為宿主的ASP.NET服務器時,返回JSON格式來傳遞數據。客戶端中,根據返回數據的不同而判斷當前狀態是否已登陸。由於Form驗證是保存瞭Cookie,所示每次調用Http請求之前要先添加上次請求的Cookie。


  二、ASP.NET服務器端

  創建一個ASP.NET MVC網站項目。

  首先,由於每次請求都返回JSON格式的數據,我們編寫一個Model類來承載數據。

  

    public class ResponseResult
    {
        /// <summary>
        /// 是否已登錄
        /// </summary>
        public bool IsAuthenticated { get; set; }

        /// <summary>
        /// 是否執行成功
        /// </summary>
        public bool IsSuccess { get; set; }

        /// <summary>
        /// 登錄賬號
        /// </summary>
        public string Identity { get; set; }

        /// <summary>
        /// 執行結果
        /// </summary>
        public object Result { get; set; }
    }
 

  接著,編寫HomeController:

  

    [HandleError]
    public class HomeController : Controller
    {
        [Authorize]
        public ActionResult Index()
        {
            return Json(new ResponseResult
            {
                Result = "登陸成功",
                IsAuthenticated = true,
                IsSuccess = true,
                Identity = this.User.Identity.Name
            }, "text/html", JsonRequestBehavior.AllowGet);
        }

        public ActionResult LogOn()
        {
            return Json(new ResponseResult
            {
                Result = "您尚未登錄",
                IsSuccess = true
            }, "text/html", JsonRequestBehavior.AllowGet);
        }

        public ActionResult Register(string account, string password)
        {
            if (account == "liudong" && password == "123")
            {
                FormsAuthentication.SetAuthCookie(account, false);
                return Json(new ResponseResult
                {
                    Result = "登錄成功",
                    IsSuccess = true,
                    IsAuthenticated = true,
                    Identity = account
                }, "text/html", JsonRequestBehavior.AllowGet);
            }
            else
            {
                return Json(new ResponseResult
                {
                    Result = "用戶名或密碼錯誤",
                }, "text/html", JsonRequestBehavior.AllowGet);
            }
        }
 

  Index Action為登陸認證後才能訪問的Action。

  LogOn Action為未登陸時跳轉的Action。

  Register Action為登陸Action,用戶名和密碼正確後就保存Form驗證的Cookie。

 

  然後,在Web.config中配置Form驗證配置

 

<authentication mode="Forms">
      <forms loginUrl="~/Home/LogOn" timeout="2880" />
</authentication>

  最後,配置IIS,部署ASP.NET MV網站,如圖2.1所示。

 

 圖2.1

 

  三、Android客戶端

   首先,編寫一個調用Http請求的類。

  

package ld.com.authorize;

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.util.List;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;

import org.apache.http.client.CookieStore;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.AbstractHttpClient;
import org.apache.http.impl.client.DefaultHttpClient;

import android.util.Log;

public abstract class HttpHelper {

    private final static String TAG = "HttpHelper";
    private final static String SERVER_URL = "http://192.168.1.104:180/Home/";

    private static CookieStore cookieStore;

    public static String invoke(String actionName, List<NameValuePair> params) {
        String result = null;
        try {
            String url = SERVER_URL + actionName + "/";
            Log.d(TAG, "url is" + url);

            HttpPost httpPost = new HttpPost(url);
            if (params != null && params.size() > 0) {
                HttpEntity entity = new UrlEncodedFormEntity(params, "UTF-8");
                httpPost.setEntity(entity);
            }

            DefaultHttpClient httpClient = new DefaultHttpClient();

            // 添加Cookie
            if (cookieStore != null) {
                httpClient.setCookieStore(cookieStore);
            }

            HttpResponse httpResponse = httpClient.execute(httpPost);

            StringBuilder builder = new StringBuilder();
            BufferedReader reader = new BufferedReader(new InputStreamReader(
                    httpResponse.getEntity().getContent()));
            for (String s = reader.readLine(); s != null; s = reader.readLine()) {
                builder.append(s);
            }
            result = builder.toString();
            Log.d(TAG, "result is ( " + result + " )");

            // 保存Cookie
            cookieStore = ((AbstractHttpClient) httpClient).getCookieStore();
        } catch (Exception e) {
            Log.e(TAG, e.toString());
        }
        Log.d(TAG, "over");
        return result;
    }

    public static String invoke(String actionName) {
        return invoke(actionName, null);
    }
}
 

    註意的是,需要存儲一個全局的Cookie,在每次調用前添加上去,再在調用j結束後保存它。

 

  接著,添加兩個佈局文件:

  

<?xml version="1.0" encoding="utf-8"?>
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
    android:orientation="vertical" android:layout_width="fill_parent"
    android:layout_height="fill_parent">


    <TextView android:text="賬號" android:layout_width="fill_parent"
        android:layout_height="20dip" />

    <EditText android:layout_width="fill_parent" android:hint="請輸入賬號"
        android:layout_height="40dip" android:id="@+id/edtAccount" />

    <TextView android:text="密碼" android:layout_width="fill_parent"
        android:layout_height="20dip" />

    <EditText android:layout_width="fill_parent" android:hint="請輸入密碼"
        android:password="true" android:layout_height="40dip" android:id="@+id/edtPassword" />

    <Button android:text="登錄" android:layout_width="fill_parent"
        android:layout_height="40dip" android:id="@+id/btnLogon" />
</LinearLayout>
 

 

<?xml version="1.0" encoding="utf-8"?>
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
    android:orientation="vertical" android:layout_width="fill_parent"
    android:layout_height="fill_parent">

    <Button android:text="調用" android:id="@+id/btnInvoke"
        android:layout_width="fill_parent" android:layout_height="wrap_content" />

</LinearLayout>
 

   然後、編寫登陸和主Activity

 

package ld.com.authorize;

import java.util.ArrayList;
import java.util.List;

import org.apache.http.NameValuePair;
import org.apache.http.message.BasicNameValuePair;
import org.json.JSONException;
import org.json.JSONObject;

import android.app.Activity;
import android.app.ProgressDialog;
import android.content.Intent;
import android.os.AsyncTask;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.view.View.OnClickListener;
import android.widget.Button;
import android.widget.EditText;
import android.widget.Toast;

public class LogonActivity extends Activity {

    private final String TAG = this.getClass().getSimpleName();

    private EditText edtAccount;
    private EditText edtPassword;

    private Button btnLogon;

    /** Called when the activity is first created. */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.logon);

        edtAccount = (EditText) this.findViewById(R.id.edtAccount);
        edtPassword = (EditText) this.findViewById(R.id.edtPassword);

        btnLogon = (Button) this.findViewById(R.id.btnLogon);

        setButtonOnClick();
    }

    private void setButtonOnClick() {
        this.btnLogon.setOnClickListener(new OnClickListener() {

            @Override
            public void onClick(View v) {
                // TODO Auto-generated method stub
                AsyncTask<Void, Void, String> task = new AsyncTask<Void, Void, String>() {

                    private ProgressDialog progressDialog;

                    @Override
                    protected void onPostExecute(String result) {
                        // TODO Auto-generated method stub
                        // super.onPostExecute(result);
                        progressDialog.cancel();
                        Log.d(TAG, result);
                        try {
                            JSONObject json = new JSONObject(result);
                            String msg = json.getString("Result");
                            // 是否登錄
                            if (json.getBoolean("IsSuccess")) {
                                Toast.makeText(LogonActivity.this, msg,
                                        Toast.LENGTH_SHORT).show();

                                // 跳轉登錄Activity
                                Intent intent = new Intent();
                                intent.setClass(LogonActivity.this,
                                        MainActivity.class);
                                LogonActivity.this.startActivity(intent);
                            } else {
                                Toast.makeText(LogonActivity.this, msg,
                                        Toast.LENGTH_SHORT).show();
                            }
                        } catch (JSONException e) {
                            // TODO Auto-generated catch block
                            Log.e(TAG, e.toString());
                        }
                    }

                    @Override
                    protected void onPreExecute() {
                        // TODO Auto-generated method stub
                        super.onPreExecute();
                        progressDialog = new ProgressDialog(LogonActivity.this);
                        progressDialog.setCancelable(false);
                        progressDialog
                                .setProgressStyle(ProgressDialog.STYLE_SPINNER);
                        progressDialog.setTitle("登錄中,請稍後…");
                        progressDialog.show();
                    }

                    @Override
                    protected String doInBackground(Void… arg0) {
                        // TODO Auto-generated method stub
                        String account = edtAccount.getText().toString();
                        String password = edtPassword.getText().toString();
                        List<NameValuePair> params = new ArrayList<NameValuePair>();
                        params.add(new BasicNameValuePair("account", account));
                        params.add(new BasicNameValuePair("password", password));

                        try {
                            return HttpHelper.invoke("Register", params);
                        } catch (Exception e) {
                            Log.e(TAG, e.toString());
                            return null;
                        }
                    }
                };
                task.execute();
            }
        });
    }
}
 

 

 

package ld.com.authorize;

import org.json.JSONException;
import org.json.JSONObject;

import android.app.Activity;
import android.app.ProgressDialog;
import android.content.Intent;
import android.os.AsyncTask;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.view.View.OnClickListener;
import android.widget.Button;
import android.widget.Toast;

public class MainActivity extends Activity {

    private final String TAG = this.getClass().getSimpleName();

    private Button btnInvoke;

    /** Called when the activity is first created. */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);

        btnInvoke = (Button) this.findViewById(R.id.btnInvoke);

        setInvokeOnClick();
    }

    private void setInvokeOnClick() {
        btnInvoke.setOnClickListener(new OnClickListener() {

            @Override
            public void onClick(View v) {
                // TODO Auto-generated method stub
                AsyncTask<Void, Void, String> task = new AsyncTask<Void, Void, String>() {

                    private ProgressDialog progressDialog;

                    @Override
                    protected void onPostExecute(String result) {
                        // TODO Auto-generated method stub
                        // super.onPostExecute(result);
                        progressDialog.cancel();
                        Log.d(TAG, result);
                        try {
                            JSONObject json = new JSONObject(result);
                            // 是否登錄
                            if (json.getBoolean("IsAuthenticated")) {
                                String msg = json.getString("Identity") + ":"
                                        + json.getString("Result");
                                Toast.makeText(MainActivity.this, msg,
                                        Toast.LENGTH_SHORT).show();
                            } else {
                                Toast.makeText(MainActivity.this,
                                        json.getString("Result"),
                                        Toast.LENGTH_SHORT).show();

                                // 跳轉登錄Activity
                                Intent intent = new Intent();
                                intent.setClass(MainActivity.this,
                                        LogonActivity.class);                               
                                MainActivity.this.startActivity(intent);
                            }
                        } catch (JSONException e) {
                            // TODO Auto-generated catch block
                            Log.e(TAG, e.toString());
                        }
                    }

                    @Override
                    protected void onPreExecute() {
                        // TODO Auto-generated method stub
                        super.onPreExecute();
                        progressDialog = new ProgressDialog(MainActivity.this);
                        progressDialog.setCancelable(false);
                        progressDialog
                                .setProgressStyle(ProgressDialog.STYLE_SPINNER);
                        progressDialog.setTitle("調用中,請稍後…");
                        progressDialog.show();
                    }

                    @Override
                    protected String doInBackground(Void… arg0) {
                        // TODO Auto-generated method stub
                        try {
                            return HttpHelper.invoke("Index");
                        } catch (Exception e) {
                            Log.e(TAG, e.toString());
                            return null;
                        }
                    }

                };
                task.execute();
            }
        });
    }
}
 

  最後,設置訪問權限:<uses-permission android:name="android.permission.INTERNET" />

  

  四、運行結果

  1.進入主MainActivity,圖4.1.1所示。

 

圖4.1.1

 

  2.調用Http請求,圖4.2.1所示。

 

圖4.2.1

 

  3.由於沒有登陸,所以跳轉到登陸Activity,圖4.3.1所示。

 

圖4.3.1

 

  4.故意輸入錯誤密碼使其登陸失敗,圖4.4.1所示。

 

圖4.4.1

 

  5.輸入正確的密碼後跳轉到主Activity,如圖4.5.1所示。

 

圖4.5.1

 

  6.再一次調用Http請求,這次是已登陸狀態,圖4.6.1所示。

發佈留言