Cookies 跨子域的Asp.NET cookie未更新且未过期
我有2个子域名,我需要设置和读取两个网站相同的cookie 当我使用localhost时,一切正常 当我切换到使用有效URL时,cookie信息在我更新它时(注销时过期日期)并没有真正更新 我已将cookie的域设置为“.mysite.com” 有什么问题吗?这是我的代码:(在本地主机上工作正常,但在子域上不工作,从不让用户注销,因为cookie不会过期) 登录页面:Cookies 跨子域的Asp.NET cookie未更新且未过期,cookies,subdomain,Cookies,Subdomain,我有2个子域名,我需要设置和读取两个网站相同的cookie 当我使用localhost时,一切正常 当我切换到使用有效URL时,cookie信息在我更新它时(注销时过期日期)并没有真正更新 我已将cookie的域设置为“.mysite.com” 有什么问题吗?这是我的代码:(在本地主机上工作正常,但在子域上不工作,从不让用户注销,因为cookie不会过期) 登录页面: FormsAuthentication.SetAuthCookie(UserName.Text, true); //
FormsAuthentication.SetAuthCookie(UserName.Text, true);
// set the active collab cookie
Member member = MemberManager.GetMemberByUsername(UserName.Text);
HttpCookie cookie = new HttpCookie("Token", member.Profile.Token);
cookie.Domain = ConfigurationManager.AppSettings["CookieDomain"];
cookie.Expires = DateTime.Now.AddYears(1);
Response.Cookies.Add(cookie);
阿萨克斯球
if (HttpContext.Current.Request.Cookies["Token"] != null) {
string token = HttpContext.Current.Request.Cookies["Token"].Value;
if (!string.IsNullOrEmpty(token)) {
// If the user is logged in with a different token
// or not logged in at all
// then log them in with the token from the cookie
if ((MemberManager.CurrentMember != null && MemberManager.CurrentMember.Profile.Token != token) || User == null) {
Member member = MemberManager.GetMemberByToken(token);
if (member != null) {
FormsAuthentication.SetAuthCookie(member.User.UserName, true);
}
}
}
}
注销代码:
if (Request.Cookies["Token"] != null) {
HttpCookie aCookie = Request.Cookies["Token"];
aCookie.Expires = DateTime.Now.AddDays(-1);
Response.Cookies.Add(aCookie);
}
Web.Config
<machineKey
validationKey="{-snip-}"
decryptionKey="{-snip-}"
validation="SHA1"
decryption="AES" />
<authentication mode="Forms">
<forms name="AuthCookie"
path="/"
loginUrl="~/login.aspx"
protection="All"
timeout="60">
</forms>
</authentication>
以下是我的代码:(在本地主机上运行良好,但在子域上不起作用,从不注销用户,因为cookie不会过期)
登录页面:
FormsAuthentication.SetAuthCookie(UserName.Text, true);
// set the active collab cookie
Member member = MemberManager.GetMemberByUsername(UserName.Text);
HttpCookie cookie = new HttpCookie("Token", member.Profile.Token);
cookie.Domain = ConfigurationManager.AppSettings["CookieDomain"];
cookie.Expires = DateTime.Now.AddYears(1);
Response.Cookies.Add(cookie);
阿萨克斯球
if (HttpContext.Current.Request.Cookies["Token"] != null) {
string token = HttpContext.Current.Request.Cookies["Token"].Value;
if (!string.IsNullOrEmpty(token)) {
// If the user is logged in with a different token
// or not logged in at all
// then log them in with the token from the cookie
if ((MemberManager.CurrentMember != null && MemberManager.CurrentMember.Profile.Token != token) || User == null) {
Member member = MemberManager.GetMemberByToken(token);
if (member != null) {
FormsAuthentication.SetAuthCookie(member.User.UserName, true);
}
}
}
}
注销代码:
if (Request.Cookies["Token"] != null) {
HttpCookie aCookie = Request.Cookies["Token"];
aCookie.Expires = DateTime.Now.AddDays(-1);
Response.Cookies.Add(aCookie);
}
Web.Config
<machineKey
validationKey="{-snip-}"
decryptionKey="{-snip-}"
validation="SHA1"
decryption="AES" />
<authentication mode="Forms">
<forms name="AuthCookie"
path="/"
loginUrl="~/login.aspx"
protection="All"
timeout="60">
</forms>
</authentication>
试试这个:
if (Request.Cookies["Token"] != null) {
HttpCookie aCookie = Request.Cookies["Token"];
aCookie.Expires = DateTime.Now.AddDays(-1);
Response.Cookies["Token"] = aCookie;
}
不要添加它,而是将其设置为现有cookie。尝试以下操作:
if (Request.Cookies["Token"] != null) {
HttpCookie aCookie = Request.Cookies["Token"];
aCookie.Expires = DateTime.Now.AddDays(-1);
Response.Cookies["Token"] = aCookie;
}
与其添加,不如将其设置为现有cookie。web.config中的表单身份验证设置需要启用跨应用重定向:
<authentication mode="Forms">
<forms loginUrl="~/login.aspx" protection="All" timeout="960" name=".ASPXAUTH" path="/" requireSSL="false" slidingExpiration="false" defaultUrl="~/default.aspx" enableCrossAppRedirects="true"/>
</authentication>
您在web.config中的表单身份验证设置需要启用跨应用重定向:
<authentication mode="Forms">
<forms loginUrl="~/login.aspx" protection="All" timeout="960" name=".ASPXAUTH" path="/" requireSSL="false" slidingExpiration="false" defaultUrl="~/default.aspx" enableCrossAppRedirects="true"/>
</authentication>
答案是在注销时使域过期时将其设置为cookie
HttpCookie aCookie = Request.Cookies["Token"];
aCookie.Expires = DateTime.Now.AddDays(-1);
aCookie.Domain = ConfigurationManager.AppSettings["CookieDomain"];
Response.Cookies.Add(aCookie);
答案是在注销时使域过期时将其设置为cookie
HttpCookie aCookie = Request.Cookies["Token"];
aCookie.Expires = DateTime.Now.AddDays(-1);
aCookie.Domain = ConfigurationManager.AppSettings["CookieDomain"];
Response.Cookies.Add(aCookie);
我得到这个错误'System.Web.HttpCookieCollection.this[string]'不能分配给--它是只读的。我得到这个错误'System.Web.HttpCookieCollection.this[string]'不能分配给--它是只读的。第一:你应该更新你的问题,而不是发布答案。观察:通常不必设置cookie域。Cookie可以通过TLD(顶级域)访问,并且不需要以这种方式进行处理。如果你的应用程序位于不同的TLD中,那么它将无法工作,尽管我怀疑这不是你的问题。另外,我无法理解你想要完成什么,所以我可能无法帮助你。似乎您正在与另一个身份验证管理策略并行地实现FormsAuthentication。你这样做的原因是什么?第一:你应该更新你的问题,而不是发布一个问答。观察:通常不必设置cookie域。Cookie可以通过TLD(顶级域)访问,并且不需要以这种方式进行处理。如果你的应用程序位于不同的TLD中,那么它将无法工作,尽管我怀疑这不是你的问题。另外,我无法理解你想要完成什么,所以我可能无法帮助你。似乎您正在与另一个身份验证管理策略并行地实现FormsAuthentication。你这样做的原因是什么?