1

我为我的网站使用自定义会员提供程序。并使用此代码登录:

private User SetupFormsAuthTicket(string userName, bool persistanceFlag)
    {
        User user;
        UsersContext usersContext = new UsersContext();
            user = usersContext.GetUser(userName);

        var userId = user.UserId;
        var userData = userId.ToString(CultureInfo.InvariantCulture);
        var authTicket = new FormsAuthenticationTicket(1, //version
                            userName, // user name
                            DateTime.Now,             //creation
                            DateTime.Now.AddMinutes(30), //Expiration
                            persistanceFlag, //Persistent
                            userData);

        var encTicket = FormsAuthentication.Encrypt(authTicket);
        Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
        return user;
    }

但我在浏览器中检查了 cookie,只是保存了 ASPXAUTH 而没有保存 ASP.NET_SessionId

我想保存 ASP.NET_SessionId 但persistanceFlag 是真的。

4

1 回答 1

0

如果要持久化身份验证票证,则需要将 cookie Expires 显式设置为与身份验证票证到期相同。

....

var encTicket = FormsAuthentication.Encrypt(authTicket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);

if (authTicket.IsPersistent)
{
    cookie.Expires = authTicket.Expiration;
}

Response.Cookies.Add(cookie);
于 2013-09-23T15:43:48.113 回答