表单身份验证和/或会话超时 [英] Forms Authentication and/or Session timeout

问题描述

我花了很多时间研究我的ASP.NET会话"超时问题.我在双引号中使用会话"的原因是我不确定该问题是否与会话超时或表单身份验证有关.

我遇到的问题是，我已经将表单身份验证cookie和会话状态都设置为在一天(1,440分钟)后超时，但是似乎在20分钟后超时，我理解这是默认值.

在web.config中，我有

I''ve spent a lot more time researching this issue that I have with my ASP.NET "session" timing out. The reason I''m using "session" in double quotes is that I''m not sure if the issue is related to my Session timing out or my Forms Authentication.

The problem that I have is that I''ve set both the forms authentication cookie and the session state to timeout after one day (1,440 minutes), but it seems to be timing out after 20 minutes, which I understand to be the default.

In the web.config, I have

<sessionstate mode="InProc" cookieless="false" timeout="1440" />

和

and

<br />
<pre lang="xml"><authentication mode="Forms"><br />
    <forms loginUrl="~/Account/Login.aspx" timeout="1440" protection="All" defaultUrl="Default.aspx"/><br />
</authentication></pre><br />

在登录页面后面的代码中，这是设置身份验证Cookie的方法:

In the code behind of my login page, this is how I set my authentication cookie:

<br />
FormsAuthentication.SetAuthCookie("someValue", true);<br />

出于测试目的，我希望我的会话保持活动一天.当我在客户端上检查身份验证cookie时，该cookie信息显示的到期日期恰好是现在开始的一天.我怀疑会话是引起此问题的原因，但是为什么我的web.config中的超时值被忽略了?

For testing purposes, I want my session to stay active for one day. When I inspect the authentication cookie on the client, the cookie information shows an expiration date that is exactly a day out from right now. I suspect that the Session is causing the issue, but why is my timeout value in the web.config being ignored?

推荐答案

以下链接可能会帮助您: br/> 具有表单身份验证的基于角色的安全性 [ http://forums.asp.net/t/1143744. aspx/1?Managing + Session + Timeout + using + Web + Config [ http://www.asp.net/security/tutorials/an-overview- of-forms-authentication-vb [ ^ ]

如果我误解了您的问题，请随时纠正我.希望以上信息对您有所帮助.如果您还有其他顾虑，请告诉我.

如果这确实对您有帮助，请不要忘记投票并接受答案.

The following links may help you out:
Role-based Security with Forms Authentication[^]
http://forums.asp.net/t/1143744.aspx/1?Managing+Session+TimeOut+using+Web+Config[^]
http://www.asp.net/security/tutorials/an-overview-of-forms-authentication-vb[^]

If i misunderstand your question, please feel free to correct me.I hope the above information will be helpful. If you have more concerns, please let me know.

If this would be really helpful to you then don''t forgot to Vote and Make Answer as Accepted.

这篇关于表单身份验证和/或会话超时的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！