14

这是一个 MVC2 网站,我遇到了 FormsAuthentication 票证的问题。用户超时 30 分钟后无法重新登录。在测试期间,DateTime.Now.AddMinutes(30) 值设置为 5000,一切正常,但现在已更改为 30,这就是问题开始的时候

从 cookie 创建

 FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1,
            user.UserID,
            DateTime.Now,
            DateTime.Now.AddMinutes(30),
            false,
            "user,user1",
            FormsAuthentication.FormsCookiePath);

Web.config 文件

<authentication mode="Forms">
  <forms loginUrl="~/Account.mvc/LogOn" timeout="2880" name=".ASPXFORMSAUTH" />
</authentication>

工单创建中的过期值是否需要 >= web.config 值?

4

1 回答 1

26

因为您是手动创建身份验证 cookie,所以您的 web.config 中的超时值将被完全忽略。所以我建议你有相同的价值:

var ticket = new FormsAuthenticationTicket(
    1,
    user.UserID,
    DateTime.Now,
    DateTime.Now.AddMinutes(FormsAuthentication.Timeout.TotalMinutes),
    false,
    "user,user1",
    FormsAuthentication.FormsCookiePath
);
var encryptedTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
{
    HttpOnly = true,
    Secure = FormsAuthentication.RequireSSL,
    Path = FormsAuthentication.FormsCookiePath,
    Domain = FormsAuthentication.CookieDomain
};
Response.AppendCookie(cookie);
于 2011-03-02T18:21:24.130 回答