asp.net mvc自定义成员资格提供程序-严格登录到一个应用程序的缓存 [英] asp.net mvc custom membership provider - strict login cache to one application
问题描述
我为asp.net mvc应用程序创建了自定义成员资格提供程序,除以下几点外,其他所有方法都工作正常:
登录到我的应用程序时,我还登录到了使用Visual Studio运行的所有其他asp.net mvc应用程序.我认为此数据是从缓存中提取的,因为当我注销并尝试在其他应用程序中再次登录时,我被拒绝了.
I created custom membership provider for asp.net mvc applications and it all works fine except one thing:
when logged in to my application, I am also logged in to all other asp.net mvc applications that I run using Visual Studio. I suppose this data is being pulled from cache because when I logout and try to login again in other application, I'm being rejected.
在webconfig中,我添加了applicationName来解决此问题,但这没用:
In webconfig, I added applicationName in order to solve this but it didn't work:
<membership defaultProvider="SAMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add
name="SAMembershipProvider"
type="ShinyAnt.Membership.SAMembershipProvider, ShinyAnt"
connectionStringName ="ShinyAntConnectionString"
applicationName="MyApp"
/>
</providers>
</membership>
<roleManager defaultProvider="SARoleProvider" enabled="true" cacheRolesInCookie="true">
<providers>
<clear/>
<add
name="SARoleProvider"
type="ShinyAnt.Membership.SARoleProvider"
connectionStringName ="ShinyAntConnectionString"
applicationName="MyApp"
/>
</providers>
</roleManager>
我有没有忘记执行的解决该问题的方法?或者是其他什么方法?
Is there any method that I forgot to implement that is dealing with this problem or it is something else?
推荐答案
对于您来说可能有点晚了,但是也许其他访问此页面的人可能会觉得有用.
It's probably a bit late for you, but maybe other people reaching this page may find this useful.
默认情况下,表单身份验证使用浏览器cookie来保存您的身份验证状态,并且它们的作用域(和限制)在(子)域级别(可能是
By default, forms authentication uses a browser cookie to save your authentication state, and they are scoped (and restricted) to a (sub)domain level (probably http://localhost/ in your case?).
这意味着每个应用程序都在本地主机"域根目录下运行( http://localhost/App1 , http://localhost/App2 )可以访问相同的身份验证Cookie.
This means that every application running under the 'localhost' domain root ( http://localhost/App1, http://localhost/App2) has access to the same authentication cookies.
通过在web.config中为每个应用程序指定不同的cookie名称,您也许可以解决此问题:
you might be able to work around this issue by specifying a different cookie name per application in the web.config:
<authentication mode="Forms">
<forms name="[cookie name]"></forms>
</authentication>
希望这对您有帮助...
Hope this helps...
这篇关于asp.net mvc自定义成员资格提供程序-严格登录到一个应用程序的缓存的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!