1

这是否是会话超时时注销用户的正确方法。这是我在母版页的 Page_init 中编写的代码。而且,
会话状态和表单身份验证就像,

<sessionState mode="InProc" timeout="1" cookieless="false">
    </sessionState>

      <authentication mode="Forms">
          <forms loginUrl="Default.aspx" timeout="2880"/>
        </authentication>


    if (userToLogin != null)
                {
                    if (Context.Session != null)
                    {
                        if (Session.IsNewSession)
                        {
                          HttpCookie newSessionIdCookie = Request.Cookies["ASP.NET_SessionId"];
                            if (newSessionIdCookie != null)
                            {
                                string newSessionIdCookieValue = newSessionIdCookie.Value;

                                if (newSessionIdCookieValue != string.Empty)
                                {
                                    **System.Web.Security.FormsAuthentication.SignOut();**                                
                                    Response.Redirect("SessionTimeOutPage.htm");
                                }
                            }
                        }
                    }

                }

请建议我这是正确的方法,或者某些东西可以作为最佳解决方案。

4

1 回答 1

1

将您的代码放入 Global.asax.cs

protected void Session_End(Object sender, EventArgs e)
{               

  HttpCookie authenticationCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
  if (authenticationCookie != null)
  {
    FormsAuthenticationTicket authenticationTicket = FormsAuthentication.Decrypt(authenticationCookie.Value);
    if (!authenticationTicket.Expired)
    {
       // log-out the user...                  
    }
  }

}
于 2012-07-17T10:33:22.227 回答