在可能的主域中,我通过以下代码创建身份验证 cookie:
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
"user1",//username
DateTime.Now,
DateTime.Now.AddDays(5),
true,
"members",
FormsAuthentication.FormsCookiePath);
// To give more security it is suggested to hash it
string hashCookies = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashCookies); // Hashed ticket
cookie.Expires = DateTime.Now.AddDays(5);
cookie.Domain = "xxx.com";
Response.Cookies.Add(cookie);
//get sessionid
ViewBag.sid = Session.SessionID;
在我的 web.config 中:
<authentication mode="Forms">
<forms loginUrl="~/Home/Index" name="x1" timeout="2880" domain="xxx.com" path="/" />
</authentication>
<machineKey validationKey="BCAC1F242F26C76DB8ADB999F29CB18B8EDB4437DF5E508770F6329F5B4C92A78DA447D3AB57B84E486109E7D0B0E230052AA2B14619702863A79DAFA44BF146" decryptionKey="A911156C3A378C70E10E4529C73B0DDC588D892177629D228D687C98EC879CEC" validation="SHA1" decryption="AES" />
在我的子域中,我有下面的控制器:
public ActionResult Index()
{
ViewBag.sid = Session.SessionID;
return View();
}
子域的web.config:
<authorization>
<deny users="?" />
</authorization>
<authentication mode="Forms">
<forms loginUrl="~/Login/Index" timeout="2880" domain="sub.helinus.com" name="x1" />
</authentication>
<machineKey validationKey="BCAC1F242F26C76DB8ADB999F29CB18B8EDB4437DF5E508770F6329F5B4C92A78DA447D3AB57B84E486109E7D0B0E230052AA2B14619702863A79DAFA44BF146" decryptionKey="A911156C3A378C70E10E4529C73B0DDC588D892177629D228D687C98EC879CEC" validation="SHA1" decryption="AES" />
当用户在主域中进行身份验证并重定向到子域时,为什么会话 ID 会发生变化?