0

我已经通过使用一些自定义代码来设置 cookie 来实现表单身份验证。在我的开发服务器上的所有浏览器上正确登录后,我能够将用户重定向到正确的 ReturnUrl。我正在使用 ASP.NET 3.5 Web 窗体。

在我用于部署的远程服务器上,登录页面只是重新加载,而不是重定向到 ReturnUrl。奇怪的是,这只发生在 Webkit 浏览器上。Gecko 浏览器工作正常。我已经广泛搜索了一个解决方案,但找不到像这样的任何东西。

Web.config(我想从 Login.aspx 重定向到 Admin.aspx):

    <appSettings>
    <add key="ValidationSettings:UnobtrusiveValidationMode" value="none"/>
    <add key="loginUrl" value="Login.aspx"  />

</appSettings>
<system.web>
    <authentication mode="Forms">
        <forms name=".ASPXAUTH" loginUrl="Login.aspx" defaultUrl="Admin.aspx" protection="All" timeout="2880" cookieless="UseCookies" />
    </authentication>
...
    <system.web>

    <authorization>
        <deny users="?" />
    </authorization>

</system.web>
<location path ="Default.aspx">
    <system.web>
        <authorization>
            <allow users ="*"/>
        </authorization>
    </system.web>
</location>

<location path="Resources">
    <system.web>
        <authorization>
            <allow users="*" />
        </authorization>
    </system.web>
</location>
<location path="Admin.aspx">
    <system.web>
        <authorization>
            <deny users ="?"/>
        </authorization>
    </system.web>
</location>

登录.aspx.cs:

    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void Submit_Click(object sender, EventArgs e)
    {
       DatabaseCommands c = new DatabaseCommands();

        if (c.CheckCredentials(txtUsername.Text, txtPassword.Text))
        {
            FormsAuthenticationTicket ticket;
            string cookieString;
            HttpCookie cookie;
            ticket = new FormsAuthenticationTicket(1, txtUsername.Text, DateTime.Now, DateTime.Now.AddMinutes(1), true, "This is one kickass ticket, yo");
            cookieString = FormsAuthentication.Encrypt(ticket);
            cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieString);
            cookie.Expires = ticket.Expiration;
            cookie.Path = FormsAuthentication.FormsCookiePath;
            Response.Cookies.Add(cookie);
            string strRedirect = Request["ReturnUrl"];
            if (strRedirect == null)
                strRedirect = "Admin.aspx";
            Response.Redirect(strRedirect, true);
        }
        else
        {
            lblError.InnerText = "Invalid Credentials";
            lblError.Visible = true;
        }
    }

登录.aspx:

    <form id="form1" runat="server">
<div style="text-align:center">
    <h1>Login</h1>
        <table style="margin-right:auto;margin-left:auto;" id="loginForm">
        <tr><td><label id="username">User:</label></td><td><asp:TextBox ID="txtUsername" runat="server" Width="200px"></asp:TextBox></td></tr>
        <tr><td><label id="password">Password:</label></td><td><asp:TextBox runat="server" TextMode="Password" ID="txtPassword"  Width="200px"></asp:TextBox></td></tr>
        <tr><td><label id="lblError" runat="server" visible="false"></label></td><td><asp:Button ID="submit" Text="Submit" OnClick="Submit_Click" runat="server"  align="right" PostBackUrl="/Admin.aspx" OnClientClick="Submit_Click" /></td></tr>
        </table>
        </div>            
</form>
4

1 回答 1

1

事实证明,答案是注释掉行

  cookie.Path = ...
  cookie.Expires = ...

很高兴这有帮助。

于 2012-12-31T19:58:28.560 回答