Asp.net mvc 5 无法使用具有Owin的Asp.Net标识注销
我无法使用带有Owin(最新版本)的ASP.NET标识注销MVC 5应用程序中的用户。登录很好…但是我无法在不打开浏览器设置删除cookie的情况下注销用户 当注销操作运行时,浏览器将重定向到具有[授权]属性的指定页面。此时应将其拒绝并重定向到登录页面 请注意,如果我手动删除Cookie,它将在尝试打开[Authorize]页面时正确重定向,因此未经验证用户的重定向操作正常工作 我看到了很多类似的问题,并尝试了解决方案,但迄今为止没有任何效果 我改变了:Asp.net mvc 5 无法使用具有Owin的Asp.Net标识注销,asp.net-mvc-5,owin,asp.net-identity-2,Asp.net Mvc 5,Owin,Asp.net Identity 2,我无法使用带有Owin(最新版本)的ASP.NET标识注销MVC 5应用程序中的用户。登录很好…但是我无法在不打开浏览器设置删除cookie的情况下注销用户 当注销操作运行时,浏览器将重定向到具有[授权]属性的指定页面。此时应将其拒绝并重定向到登录页面 请注意,如果我手动删除Cookie,它将在尝试打开[Authorize]页面时正确重定向,因此未经验证用户的重定向操作正常工作 我看到了很多类似的问题,并尝试了解决方案,但迄今为止没有任何效果 我改变了: AuthenticationManage
AuthenticationManager.SignOut();
[HttpPost]
[AllowAnonymous]
public ActionResult LogOff()
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
//Clear the principal to ensure the user does not retain any authentication
HttpContext.User = new GenericPrincipal(new GenericIdentity(string.Empty), null);
// Redirect to a controller/action that requires authentication to ensure a redirect takes place
// this clears the Request.IsAuthenticated flag since this triggers a new request
return RedirectToLocal(String.Empty);
}
public class OwinStartup
{
public void Configuration(IAppBuilder app)
{
ConfigureAuth(app);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// UserManagerFactory = () => new UserManager<IdentityUser>(new UserStore<IdentityUser>(new TenantDbContext()));
// Configure the db context, user manager and signin manager to use a single instance per request
app.CreatePerOwinContext(TenantDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
CookieSecure = CookieSecureOption.Always,
Provider = new CookieAuthProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;
}
public class CookieAuthProvider : CookieAuthenticationProvider
{
public override void ResponseSignIn(CookieResponseSignInContext context)
{
context.CookieOptions.Domain = context.Request.Uri.Host;
base.ResponseSignIn(context);
}
}
}
我认为也没有必要打电话来罢免校长。下面的链接似乎表明,多次呼叫注销可能会导致您的问题。我不知道为什么<代码>请求.GetOwinContext().Authentication.SignOut();Request.GetOwinContext().Authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationOkie);HttpContext.Current.GetOwinContext().Authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationOkie)如果您多次调用它们,它可以根据不久前的问题创建新登录名。。。这家伙说:“我知道我的答案不是最科学的,但说实话,我就是找不到为什么我提供的代码示例对我有效。我只知道那个系统。如果你以另一种方式注销,Web会破坏Owins Cookie…”只调用了一次注销…在没有删除主体的情况下尝试了它,但没有任何效果。如果在Fiddler中可以看到cookie,为什么要子类化/重写CookieAuthprovider/还有cookie的名称?我通常可以看到它们来自.NET,除非它被锁定。嗯,还有一个问题-,看起来它们的共同点是子域。
public class OwinStartup
{
public void Configuration(IAppBuilder app)
{
ConfigureAuth(app);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// UserManagerFactory = () => new UserManager<IdentityUser>(new UserStore<IdentityUser>(new TenantDbContext()));
// Configure the db context, user manager and signin manager to use a single instance per request
app.CreatePerOwinContext(TenantDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
CookieSecure = CookieSecureOption.Always,
Provider = new CookieAuthProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;
}
public class CookieAuthProvider : CookieAuthenticationProvider
{
public override void ResponseSignIn(CookieResponseSignInContext context)
{
context.CookieOptions.Domain = context.Request.Uri.Host;
base.ResponseSignIn(context);
}
}
}
private IAuthenticationManager AuthenticationManager
{
get
{
return HttpContext.GetOwinContext().Authentication;
}
}