0

我一直在开发一个在 IIS 7 上设置的 Web 应用程序,它是在 DefaultWebSite 下运行的多个应用程序和 Web 服务之一。在 localhost 上开发时,我的 FormsAuthentication cookie 仍然存在;但是,当在服务器上发布时,cookie 不是持久的。我正在使用 SQLServer 会话,并在 Web 配置中有验证密钥以排除应用程序池回收。我一直在努力解决这个问题,但没有运气......请帮忙!

下面是一些代码:

<forms name=".OPTFORMSTEST" loginUrl="~/Secure/Login.aspx" defaultUrl="~/Default.aspx"  timeout="240" path="/" slidingExpiration="false" protection="All" />

Public Shared Function DoLogin(ByVal strUsername As String, ByVal isPersistent As Boolean)
    Dim authTicket As FormsAuthenticationTicket
    Dim authCookie As HttpCookie
    Dim strUserData As String = strUsername
    Dim intTimeoutPersist As Integer = 43200    '(30 days)
    Dim intTimeoutNonPersist As Integer = 300   '(5 hours)
    Dim intRtn As Integer = 1
    Dim strCookiePath As String = Current.Request.Url.AbsolutePath.Remove(Current.Request.ApplicationPath.Length)

    Try
        'set cookie timout period and create auth ticket based on isPersistent
        If isPersistent Then
            'create a persistent ticket
            authTicket = New FormsAuthenticationTicket(1, strUsername, _
                DateTime.Now(), _
                DateTime.Now.AddMinutes(intTimeoutPersist), _
                True, strUserData)
        Else
            'create a temp ticket
            authTicket = New FormsAuthenticationTicket(1, strUsername, _
                DateTime.Now(), _
                DateTime.Now.AddMinutes(intTimeoutNonPersist), _
                False, strUserData)
        End If

        'create encrypted string for user data
        Dim strEncr As String = FormsAuthentication.Encrypt(authTicket)
        'create cookie
        authCookie = New HttpCookie("OPTFORMSTEST", strEncr)
        'set cookie expiration based on the auth ticket
        If isPersistent Then
            authCookie.Expires = authTicket.Expiration
        End If
        Current.Response.Cookies.Add(authCookie)
    Catch ex As Exception
        intRtn = -1
    End Try
    Return intRtn
End Function
4

1 回答 1

0

经过一些试验,我发现 RedirectFromLoginPage 方法在从生产框中使用时会创建另一个 cookie。我用 Response.Redirect 替换,只创建了一个 cookie 并且它是持久的。

于 2013-02-27T19:58:26.383 回答