复制的网站不再对用户进行身份验证. [英] Copied website no longer authenticates user.
问题描述
我正在对公司网站的布局进行一些重大更改.我在不同的服务器上复制了我们的网站,因此可以在不打扰用户的情况下四处浏览.在硬件方面,服务器是相同的.
实时站点使用通过自定义MembershipProvider,MembershipUser和RoleProvider类实现的Forms身份验证.它还使用SSL.该实时站点一直运行良好.
复制后,我在测试站点上关闭了SSL(没有理由出去购买安全证书.)我确保所有文件夹都具有与实时站点相同的权限,并检查了测试服务器的IUSR用户拥有实时服务器的IUSR的所有访问权限.
问题是我无法在测试站点上获得经过身份验证的用户.一切都已编译并且代码可访问:调用Membership.ValidateUser会调用自定义MembershipProvider中的正确代码,并且我可以正确地分辨出何时提供了不存在的用户名或错误的密码.调用GetUser和其他类似功能可以正常工作.
我的问题是,对用户进行身份验证的所有努力都在测试站点上失败了. Login控件触发LoggedIn事件,但是即使在这里,User.Identity.IsAuthenticated也为False.作为测试,我用一些测试代码替换了控件:
I am making some substantial changes in the company website''s layout. I made a copy of our website on a different server, so I could dink around without annoying our users. In hardware terms, the servers are identical.
The live site uses Forms authentication, implemented with custom MembershipProvider, MembershipUser and RoleProvider classes. It also uses SSL. The live site has been working fine for years.
After copying, I switched off SSL on the test site (there is no reason to go out and buy a security certificate.) I made sure that all of the folders had the same permissions as those on the live site, and I checked that the test server''s IUSR user had all the access that the live server''s IUSR had.
The problem is that I cannot get an authenticated user on the test site. Everything is compiled and the code is accessable: a call to Membership.ValidateUser calls the correct code from the custom MembershipProvider and I can correctly tell when a non-existant user name or an incorrect password are provided. Calls to GetUser and other such functionality work fine.
My problem is that every effort to authenticate the user fails on the test site. The Login control fires the LoggedIn event, but even there, User.Identity.IsAuthenticated is False. As a test, I replaced the control with some test code:
Protected Sub LoginButton_Click(byval sender As Object, _
ByVal e As System.EventArgs)
If Membership.ValidateUser("aardvark", "password") Then
FormsAuthentication.SetAuthCookie("aardvark", False)
Response.Redirect("Test2.aspx")
Else
Feedback.Text("Invalid!")
End
End Sub
我的测试用户进行了验证,因此发送了Test2.aspx.该页面再次显示User.Identity.IsAuthenticated = False.
我准备放弃.有人有什么建议吗?
已添加,它也不是Cookie的问题.我已经在几台计算机上进行了测试;
My test user validates so Test2.aspx gets sent; that page shows, again, that User.Identity.IsAuthenticated = False.
I am about ready to give up. Anyone have any suggestions?
Added It is not a cookie issue either. I have tested on several computers; the live site works fine, the test site does not.
推荐答案
尝试使用此方法创建临时证书:
http://msdn.microsoft.com/en-us/library/ms733813.aspx [ ^ ]
Try this to create a temporary cert:
http://msdn.microsoft.com/en-us/library/ms733813.aspx[^]
您可以创建自己的证书,对吗?在我看来,您不必关闭SSL.
You can create your own certificate, though, can''t you? It seems to me that you don''t have to turn off SSL.
这篇关于复制的网站不再对用户进行身份验证.的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
