ASP.NET窗体身份验证保持在iPad上显示的登录页面 [英] ASP.NET forms authentication keeps displaying login page on iPad

查看:287
本文介绍了ASP.NET窗体身份验证保持在iPad上显示的登录页面的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个iPad使用时,它显示奇怪的行为,一个Web应用程序。有时,它继续显示登录页,即使用户被授权,但我创建一个存储在客户端上的cookie。

该应用程序是一个MVC2应用程序,我打电话通过ajax控制器的方法来进行身份验证。如果Ajax调用成功,则客户端执行window.location.assign()导航用户的安全页面。(我这样做是为了支持全屏幕iPad的Web应用程序模式)

我用下面的code创建cookie的:

 字符串formsCookieStr =的String.Empty;
的FormsAuthenticationTicket票=新的FormsAuthenticationTicket(
            1,//版本
            用户名,//用户名
            DateTime.Now,//时间问题
            DateTime.Now.AddMinutes(30),//到期
            假的,//持久性
            userRoleData //用户数据
    );
formsCookieStr = FormsAuthentication.Encrypt(票);
的HttpCookie FormsCookie =新的HttpCookie(FormsAuthentication.FormsCookieName,formsCookieStr);
HttpContext.Response.Cookies.Add(FormsCookie);

有关身份验证的URL是/帐号/ LogOn2。
那就是安全页的网址/管理员

如果看我的IIS日志(下),那么我可以看到,第一次调用/帐号/ LogOn2正在通过正确的用户名和密码。
第二个日志条目显示得到Ajax调用随后让,你可以清楚地看到,一个新的cookie ASPXAUTH伴随的要求 - 这是这个cookie设置后的第一​​次调用下面。
那么,为什么是第二个呼叫产生一个302(重定向),当请求被正确验证,通过在第二个电话时ASPXAUTH cookie的presence的证明?这是因为如果服务器没有'看到'的身份验证cookie,并迫使302重定向。
第三个条目显示导致再次登录表单的请求重定向。

  2011-06-07 16点33分37秒W3SVC97442007 192.168.1.4 GET /帐号/ LogOn2用户名=皮特和放大器;密码=葡萄酒和放大器; RETURNURL =%2fProfileList 80  -  86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=214FCF8C485AD048B2A0833BCA77582097EBF8F88BC2B0A64D7CD4F2BD7B1D9CB0C4209DC82FFA93466A58462BCA7EAB0D35B8573CCC5AABDDD5F7ACD0D38FCCB7275A79606B990B8A189887F724BF4D30BF3F9474CCD872868FE6DB48A3825F8770116A1C142AAD99A195E5D46B7BD6DB8FCF709FDE79A6B4F70B99E9646B515946E82DD988231DCE8504E5B63134419A0A107CBB367ABC978BC71A5D7C2CEF;+ASP.NET_SessionId=5uu3m1db2iqgetgvmpjgnot2 200 0 0
2011-06-07 16点33分38秒W3SVC97442007 192.168.1.4 GET / ProfileList文件 -  80  -  86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=644A6CC55F3E1E78922FA2E5FF7E54CBF11654F636A58142C10BBD9CB8FAF440FC8A642AAE02A7A4AACC0904D27B225A38DA2016EB09AA03D761916048C35711C7AC136A9A58C63956DBCC3ABBED9EE5818F19E07585A93EB00950F53B5D3934650CFE611AAC926BC8D6BDBEE67F2EC8675ACBC66E594D0EF2556910A037E3C9782E134F56F7CAE9F9E31AD69CDB9F0C68B9B81BE7075918F9ECBC39DA03A77F;+ASP.NET_SessionId=5uu3m1db2iqgetgvmpjgnot2 302 0 0
2011-06-07十六时33分39秒W3SVC97442007 192.168.1.4 GET /帐号/ LogOn支持RETURNURL =%2fProfileList 80  -  86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=644A6CC55F3E1E78922FA2E5FF7E54CBF11654F636A58142C10BBD9CB8FAF440FC8A642AAE02A7A4AACC0904D27B225A38DA2016EB09AA03D761916048C35711C7AC136A9A58C63956DBCC3ABBED9EE5818F19E07585A93EB00950F53B5D3934650CFE611AAC926BC8D6BDBEE67F2EC8675ACBC66E594D0EF2556910A037E3C9782E134F56F7CAE9F9E31AD69CDB9F0C68B9B81BE7075918F9ECBC39DA03A77F;+ASP.NET_SessionId=5uu3m1db2iqgetgvmpjgnot2 200 0 0
2011-06-07十六时33分39秒W3SVC97442007 192.168.1.4 POST /同步/用户 -  80  -  86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=644A6CC55F3E1E78922FA2E5FF7E54CBF11654F636A58142C10BBD9CB8FAF440FC8A642AAE02A7A4AACC0904D27B225A38DA2016EB09AA03D761916048C35711C7AC136A9A58C63956DBCC3ABBED9EE5818F19E07585A93EB00950F53B5D3934650CFE611AAC926BC8D6BDBEE67F2EC8675ACBC66E594D0EF2556910A037E3C9782E134F56F7CAE9F9E31AD69CDB9F0C68B9B81BE7075918F9ECBC39DA03A77F;+ASP.NET_SessionId=5uu3m1db2iqgetgvmpjgnot2 200 0 0
2011-06-07十六时33分39秒W3SVC97442007 192.168.1.4 POST /同步/概况 -  80  -  86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=644A6CC55F3E1E78922FA2E5FF7E54CBF11654F636A58142C10BBD9CB8FAF440FC8A642AAE02A7A4AACC0904D27B225A38DA2016EB09AA03D761916048C35711C7AC136A9A58C63956DBCC3ABBED9EE5818F19E07585A93EB00950F53B5D3934650CFE611AAC926BC8D6BDBEE67F2EC8675ACBC66E594D0EF2556910A037E3C9782E134F56F7CAE9F9E31AD69CDB9F0C68B9B81BE7075918F9ECBC39DA03A77F;+ASP.NET_SessionId=5uu3m1db2iqgetgvmpjgnot2 200 0 0

为什么服务器不是'看'的第二个请求身份验证cookie?

非常感谢远阅读本。我撕我的头发在这里!

编辑:想这可能是有用的,以显示反映成功登录两个IIS日志条目:

  2011-06-07 17点58分08秒W3SVC97442007 192.168.1.4 GET /帐号/ LogOn2用户名=皮特和放大器;密码=葡萄酒和放大器; RETURNURL =%2fAdmin 80  -  86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 -  200 0 0
2011-06-07 17点58分09秒W3SVC97442007 192.168.1.4 GET /管理 -  80  -  86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=4965435E85DA486CECFAC6234F7EB96E91608374522B842642C825328E12BB199809D4982BB55AA53BBDE7123679DD48D0518AF053EE6BC5AEBE653EA922BBBFB04CCCC7E369A2C42CDBF56F63DF184DE89D74F5632C3E6F007D8852177F37482A5E48A59B39DF9F8AC8271827ED15CFB70607E8960AAFFB12433C7D9391A15B1571740F888C5654AF5F52A50D2B9E1D21682A49C4DAA24686B19F888F92C255;+ASP.NET_SessionId=0q3ah5d1rkj5drkf0clrzwdi 200 0 0

请注意HTTP状态code 200的第二个条目。

修改登录成功则/ ProfileList文件的客户端负载示例

  2011-06-07 17点49分10秒W3SVC97442007 192.168.1.4 GET /帐号/ LogOn2用户名=皮特和放大器;密码=葡萄酒和放大器; RETURNURL =%2fProfileList 80  -  86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 -  200 0 0
2011-06-07 17时49分13秒W3SVC97442007 192.168.1.4 GET / ProfileList文件 -  80  -  86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=26D4837E045282BF0F6118CABE52C0D1A264396BBDEE65E35502D77CD33AA39782B2F19D50971AD8C4F29BEF7DB268BF1F7359F1DBA58029C6BF1BFF6D95404B877F76D581FC8777F25030073CEB4D1ED5C591B532B41C212F772EC57717A50D063D4DAF195FCBFC4F2F6F88025043579E11D57030E6CFC51FB4250D8B3B99829E1446BD55B2C265A9153B23E2DC6D9419AA2E3E58AA01FC5760A5A7C44D69AE;+ASP.NET_SessionId=txvqo5pfod3bdg12d2llbh3g 200 0 0


解决方案

我相信我有答案。您需要专门设置web.config中强制使用cookies。我现在的身份验证在web.config中设置如下:

 <身份验证模式=表格>
      <形式loginUrl =〜/帐号/登录超时=2880
             无Cookie =UseCookies
             />
    < /认证>

这是无Cookie =UseCookies条目,解决了这个问题。这种情况的默认值是UseDeviceProfile。它肯定是这样一个iPad没有一个一致的UseDeviceProfile制度的情况。在iPad上,有时它的工作,有时没有。不要问我为什么。现在似乎是一贯的工作。

I have a web app which is displaying strange behaviour when used from an iPad. On occasion, it keeps displaying the login page, even though the user gets authenticated and I create a cookie which is stored on the client.

The app is an MVC2 app, and I am calling a controller method via ajax to perform the authentication. If the ajax call is successful then the client performs a window.location.assign() to navigate the user to the secure page.(I'm doing this to support full-screen iPad web app mode)

I use the following code to create the cookie:

string formsCookieStr = string.Empty;
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1,                              // version
            username,                       // user name
            DateTime.Now,                   // issue time
            DateTime.Now.AddMinutes(30),    // expires
            false,                          // Persistence
            userRoleData                    // user data
    );
formsCookieStr = FormsAuthentication.Encrypt(ticket);
HttpCookie FormsCookie = new HttpCookie(FormsAuthentication.FormsCookieName, formsCookieStr);
HttpContext.Response.Cookies.Add(FormsCookie);

The url for the authentication is /Account/LogOn2. The url that is the 'secure' page is /Admin

If I look at the IIS logs (below) then I can see that the first call to /Account/LogOn2 is passing the correct username and password. The second log entry shows the GET that the ajax call subsequently makes, and you can clearly see that a new ASPXAUTH cookie accompanies the request - it is this cookie that was set following the first call. Why then is the second call resulting in a 302 (redirect), when the request is properly authenticated, as proven by the presence of the ASPXAUTH cookie in the second call? It is as if the server is not 'seeing' the authentication cookie and is forcing the 302 redirect. The third entry shows the redirect resulting in a request for the login form again.

2011-06-07 16:33:37 W3SVC97442007 192.168.1.4 GET /Account/LogOn2 username=pete&password=wine&returnUrl=%2fProfileList 80 - 86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=214FCF8C485AD048B2A0833BCA77582097EBF8F88BC2B0A64D7CD4F2BD7B1D9CB0C4209DC82FFA93466A58462BCA7EAB0D35B8573CCC5AABDDD5F7ACD0D38FCCB7275A79606B990B8A189887F724BF4D30BF3F9474CCD872868FE6DB48A3825F8770116A1C142AAD99A195E5D46B7BD6DB8FCF709FDE79A6B4F70B99E9646B515946E82DD988231DCE8504E5B63134419A0A107CBB367ABC978BC71A5D7C2CEF;+ASP.NET_SessionId=5uu3m1db2iqgetgvmpjgnot2 200 0 0
2011-06-07 16:33:38 W3SVC97442007 192.168.1.4 GET /ProfileList - 80 - 86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=644A6CC55F3E1E78922FA2E5FF7E54CBF11654F636A58142C10BBD9CB8FAF440FC8A642AAE02A7A4AACC0904D27B225A38DA2016EB09AA03D761916048C35711C7AC136A9A58C63956DBCC3ABBED9EE5818F19E07585A93EB00950F53B5D3934650CFE611AAC926BC8D6BDBEE67F2EC8675ACBC66E594D0EF2556910A037E3C9782E134F56F7CAE9F9E31AD69CDB9F0C68B9B81BE7075918F9ECBC39DA03A77F;+ASP.NET_SessionId=5uu3m1db2iqgetgvmpjgnot2 302 0 0
2011-06-07 16:33:39 W3SVC97442007 192.168.1.4 GET /Account/LogOn ReturnUrl=%2fProfileList 80 - 86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=644A6CC55F3E1E78922FA2E5FF7E54CBF11654F636A58142C10BBD9CB8FAF440FC8A642AAE02A7A4AACC0904D27B225A38DA2016EB09AA03D761916048C35711C7AC136A9A58C63956DBCC3ABBED9EE5818F19E07585A93EB00950F53B5D3934650CFE611AAC926BC8D6BDBEE67F2EC8675ACBC66E594D0EF2556910A037E3C9782E134F56F7CAE9F9E31AD69CDB9F0C68B9B81BE7075918F9ECBC39DA03A77F;+ASP.NET_SessionId=5uu3m1db2iqgetgvmpjgnot2 200 0 0
2011-06-07 16:33:39 W3SVC97442007 192.168.1.4 POST /Sync/Users - 80 - 86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=644A6CC55F3E1E78922FA2E5FF7E54CBF11654F636A58142C10BBD9CB8FAF440FC8A642AAE02A7A4AACC0904D27B225A38DA2016EB09AA03D761916048C35711C7AC136A9A58C63956DBCC3ABBED9EE5818F19E07585A93EB00950F53B5D3934650CFE611AAC926BC8D6BDBEE67F2EC8675ACBC66E594D0EF2556910A037E3C9782E134F56F7CAE9F9E31AD69CDB9F0C68B9B81BE7075918F9ECBC39DA03A77F;+ASP.NET_SessionId=5uu3m1db2iqgetgvmpjgnot2 200 0 0
2011-06-07 16:33:39 W3SVC97442007 192.168.1.4 POST /Sync/Profiles - 80 - 86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=644A6CC55F3E1E78922FA2E5FF7E54CBF11654F636A58142C10BBD9CB8FAF440FC8A642AAE02A7A4AACC0904D27B225A38DA2016EB09AA03D761916048C35711C7AC136A9A58C63956DBCC3ABBED9EE5818F19E07585A93EB00950F53B5D3934650CFE611AAC926BC8D6BDBEE67F2EC8675ACBC66E594D0EF2556910A037E3C9782E134F56F7CAE9F9E31AD69CDB9F0C68B9B81BE7075918F9ECBC39DA03A77F;+ASP.NET_SessionId=5uu3m1db2iqgetgvmpjgnot2 200 0 0

Why is the server not 'seeing' the authentication cookie in the second request?

Thanks very much for reading this far. I'm tearing my hair out here!

EDIT: thought it might be useful to show the two IIS log entries that reflect a successful login:

2011-06-07 17:58:08 W3SVC97442007 192.168.1.4 GET /Account/LogOn2 username=pete&password=wine&returnUrl=%2fAdmin 80 - 86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 - 200 0 0
2011-06-07 17:58:09 W3SVC97442007 192.168.1.4 GET /Admin - 80 - 86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=4965435E85DA486CECFAC6234F7EB96E91608374522B842642C825328E12BB199809D4982BB55AA53BBDE7123679DD48D0518AF053EE6BC5AEBE653EA922BBBFB04CCCC7E369A2C42CDBF56F63DF184DE89D74F5632C3E6F007D8852177F37482A5E48A59B39DF9F8AC8271827ED15CFB70607E8960AAFFB12433C7D9391A15B1571740F888C5654AF5F52A50D2B9E1D21682A49C4DAA24686B19F888F92C255;+ASP.NET_SessionId=0q3ah5d1rkj5drkf0clrzwdi 200 0 0

Note the HTTP Status code 200 for the second entry.

EDIT Example of successful login then client-side load of /ProfileList

2011-06-07 17:49:10 W3SVC97442007 192.168.1.4 GET /Account/LogOn2 username=pete&password=wine&returnUrl=%2fProfileList 80 - 86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 - 200 0 0
2011-06-07 17:49:13 W3SVC97442007 192.168.1.4 GET /ProfileList - 80 - 86.153.46.122 Mozilla/5.0+(iPad;+U;+CPU+OS+4_3_3+like+Mac+OS+X;+en-us)+AppleWebKit/533.17.9+(KHTML,+like+Gecko)+Mobile/8J3 .ASPXAUTH=26D4837E045282BF0F6118CABE52C0D1A264396BBDEE65E35502D77CD33AA39782B2F19D50971AD8C4F29BEF7DB268BF1F7359F1DBA58029C6BF1BFF6D95404B877F76D581FC8777F25030073CEB4D1ED5C591B532B41C212F772EC57717A50D063D4DAF195FCBFC4F2F6F88025043579E11D57030E6CFC51FB4250D8B3B99829E1446BD55B2C265A9153B23E2DC6D9419AA2E3E58AA01FC5760A5A7C44D69AE;+ASP.NET_SessionId=txvqo5pfod3bdg12d2llbh3g 200 0 0

解决方案

I believe I have the answer. You need to specifically set web.config to force the use of cookies. My authentication setting in web.config now looks like this:

<authentication mode="Forms">
      <forms loginUrl="~/Account/LogOn" timeout="2880" 
             cookieless="UseCookies" 
             />
    </authentication>

It is the cookieless="UseCookies" entry that solved the problem. The default value for this is UseDeviceProfile. It must have been the case that an iPad does not have a consistent UseDeviceProfile regime. On the iPad, sometimes it worked, sometimes it didn't. Don't ask me why. It now seems to be consistently working.

这篇关于ASP.NET窗体身份验证保持在iPad上显示的登录页面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C#/.NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆