记得在asp.net登录 [英] remember login in asp.net

问题描述

我正在使用ASPNETDB数据库和AspNetSqlMembershipProvider，以及用于处理用户的IDE控件，例如Loging control ....



我遇到的问题是：当我将我的网站上传到托管时，它不会保存登录数据，我尝试登录到特定页面的所有信息都会转换为登录页面（有时会在一分钟内变化，有时甚至是三分钟，没有具体的时间即使我检查了（记住我），请确保我有一个浏览器保存cookei，并确认我检查时记住了cookie（记住我），但无济于事，每一分钟都要注销该站点并转移到登录页面。



我的站点在VS 2010中按照本地服务器的要求工作，并在整个会话期间保持记录状态没有选择（记住我），并且下次仍然保留日志，在这种情况下我检查（记住我）。





an提议...提前谢谢。

i am using the ASPNETDB database and AspNetSqlMembershipProvider, and IDE controls to deal with the users, such as Loging control....

The problem I have is: When i uploaded my site to hosting it does not save login data, and all that I try to login to a particular page is transformative to the login page (sometimes is transformative in a minute and sometimes three minutes, there is no specific time for the session) even if i checked (remember me), make sure I have a browser saves cookei, and also confirmed that cookie is saved from the site when i check (remember me), but to no avail, and every minute be logged out of the site and transferring to the login page.

my site works as required on the local server from within the VS 2010, and remains held logged throughout the session, in the absence of selection (remember me), and remains held log for the next time also in which case i check (remember me).


any proposal ... thanks in advance.

推荐答案

基本上，你需要使用一个cookie。



人们在许多地方解释了这项技术。例如：

http://stackoverflow.com/questions/3118717/how-to-handle-remember-me-in-the-asp-net-membership-provider [ ^ ]。



想找到其他代码示例？请参见 http://bit.ly/YAUv8o [ ^ ]。



我的担忧是不同的：你应该警告用户存储登录信息的危险本地计算机上的cookie。如果您使用正确的身份验证，您永远不会在任何地方存储任何密码（您可以存储密码的加密哈希函数，但它使加密不可行恢复原始密码）。在本地计算机上存储密码会创建敏感数据，如果客户端计算机以某种方式被盗或破解，则可以捕获这些数据。所以，这个决定应该是可选的;并且应该警告用户，要注意并注意这些事情。这样的解决方案永远不应该是默认的。

-SA

Basically, you would need to use a cookie.

People explained the technique in many places. For example:
http://stackoverflow.com/questions/3118717/how-to-handle-remember-me-in-the-asp-net-membership-provider[^].

Want to find other code samples? See http://bit.ly/YAUv8o[^].

My concern is different: you should warn the user about the danger of storing log on information in a cookie on a local computer. If you use proper authentication, you never store any passwords anywhere (you can store cryptographic hash functions of passwords, but it makes cryptographically infeasible to restore the original password). Storing the password on local computer creates sensitive data which can be captures if a client computer is stolen or cracked in some way. So, this decision should be optional; and the user should be warned, to be aware and careful about such things. Such solution should never be a default.

—SA

我找到了解决方案 page [ ^ ]。

I found the solution on this page[^].

这篇关于记得在asp.net登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！