在我的 mvc4 应用程序中,我为表单身份验证创建 cookie
public ActionResult Login(UserLogin user)
{
if (ModelState.IsValid)
{
bool res = System.Web.Security.Membership.ValidateUser(user.UserName, user.Password);
if (res)
{
Utente utente = commonRepository.GetProfiloUtente(user.UserName);
if (utente != null)
{
Session["user"] = utente;
}
var serializer = new System.Web.Script.Serialization.JavaScriptSerializer();
string userData = serializer.Serialize(utente);
DateTime dataLavorativa = commonRepository.GetGiornoLavorativoPrecedente(utente.IDInterno);
Session["data_lavorativa"] = dataLavorativa;
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
user.UserName, DateTime.Now, DateTime.Now.AddMinutes(FormsAuthentication.Timeout.TotalMinutes), true, userData,
FormsAuthentication.FormsCookiePath);
string encTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
{
HttpOnly = true,
Secure = FormsAuthentication.RequireSSL,
Path = FormsAuthentication.FormsCookiePath,
Domain = FormsAuthentication.CookieDomain
};
// Create the cookie.
Response.Cookies.Add(cookie);
return RedirectToAction("Index", "Home");
}
else
{
ModelState.AddModelError("", "Login data is incorrect!");
}
}
return View("Index", user);
}
这在 FFox 中运行良好(如果我关闭浏览器然后重新打开)没关系,在 IE 和 Chrome 中我已被重定向到登录页面......我已经检查了两者,并且所有这些都处于较低级别的安全性......并接受cookies……有什么建议吗?谢谢