嗨,我使用了表单身份验证并创建票证并将其添加到响应中,效果很好。
当我查看通过 Firefox 工具>pageinfo>security>cookies 创建的 cookie 时,发现当前在 cookie 上设置的过期时间。
它在本地运行良好,但是当我将其上传到服务器(服务器 2008-iis7)上时,过期时间不起作用,但设置在 cookie 上,并且我的 cookie 总是过期约 10 减去会员将注销。有一些特殊设置,我在互联网上查看了一些示例,但找不到任何东西。
我的验证码:
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
username,//username
DateTime.Now,
DateTime.Now.AddMinutes(120),
true,
rollname,
FormsAuthentication.FormsCookiePath);
string hashCookies = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName,hashCookies); // Hashed ticket
cookie.Expires = DateTime.Now.AddMinutes(120);
Response.Cookies.Add(cookie);
我在 global.asax 中使用此方法检查请求身份验证:
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
// look if any security information exists for this request
if (System.Web.HttpContext.Current.User != null)
{
// see if this user is authenticated, any authenticated cookie (ticket) exists for this user
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
// see if the authentication is done using FormsAuthentication
if (System.Web.HttpContext.Current.User.Identity is FormsIdentity)
{
// Get the roles stored for this request from the ticket
// get the identity of the user
FormsIdentity identity = (FormsIdentity)System.Web.HttpContext.Current.User.Identity;
// get the forms authetication ticket of the user
FormsAuthenticationTicket ticket = identity.Ticket;
// get the roles stored as UserData into the ticket
string[] roles = ticket.UserData.Split(',');
// create generic principal and assign it to the current request
System.Web.HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(identity, roles);
}
}
}
}
在我的网络配置中:
<authentication mode="Forms">
<forms loginUrl="~/Home.aspx" timeout="120" />
</authentication>