每隔一段时间,当有人登录到我的 ASP.Net MVC 4 应用程序时,他们就会返回到登录屏幕。重新输入凭据始终允许成功登录。日志记录确认两次尝试都输入了正确的凭据。
登录代码看起来像
[AllowAnonymous]
[HttpPost]
public ActionResult Login(LogOnModel model, string returnUrl)
{
try
{
MyData md = (MyData)Session["MyData"]; // Should be null, but testing that it is after logging out and back in
if (ModelState.IsValid)
{
if (Membership.ValidateUser(model.UserName, model.Password))
{
logger.Info("Successful login '" + model.UserName + "' from IP " + Request.IPAddresses());
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
&& !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
else
{
logger.Warn("Login failed '" + model.UserName + "' from IP " + Request.IPAddresses());
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
}
else
{
logger.Warn("Login failed (model state invalid) '" + model.UserName + "' from IP " + Request.IPAddresses());
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
// If we got this far, something failed, redisplay form.
logger.Warn("Something failed during login. Redisplaying login form.");
}
catch (Exception ex)
{
logger.Warn("Exception during logon process: " + ex.Message);
}
return View(model);
}
变量logger是默认的 NLog 类记录器。
在隔离环境中重现问题后,日志文件立即看起来像
2012-08-22 10:51:25.4581 INFO 从 IP 10.0.0.21 成功登录“演示”
2012-08-22 10:51:39.9741 信息从 IP 10.0.0.21 成功登录“演示”
日志文件中不存在任何指示登录失败或异常的警告日志条目。
当 Web 服务器空闲一段时间后,这种情况似乎会更频繁地发生。
如何诊断/解决问题?