表单身份验证slideExpiration不起作用 [英] Form authentication slidingExpiration does not work
问题描述
我有以下代码
int intTimeout = (FormsAuthentication.Timeout.Hours * 60) +
FormsAuthentication.Timeout.Minutes;
var authTicket = new FormsAuthenticationTicket(1, Utility.userCookie, DateTime.Now,
DateTime.Now.AddMinutes(intTimeout), true, cookieValue);
string strEncryptedTicket = HttpUtility.UrlEncode(FormsAuthentication.Encrypt(authTicket));
var authCookie = new HttpCookie(Utility.userCookie, strEncryptedTicket);
authCookie.Expires = authTicket.Expiration;
//FormsAuthentication.RedirectFromLoginPage("", false);
authCookie.Secure = FormsAuthentication.RequireSSL;
//authCookie.Secure = true;
HttpContext.Current.Response.Cookies[Utility.userCookie].Expires = authTicket.Expiration;
HttpContext.Current.Response.Cookies[Utility.userCookie].Value = authCookie.Value;
在 web.config
<authentication mode="Forms">
<forms timeout="2" slidingExpiration="true" requireSSL="true" />
</authentication>
我一直点击页面链接,它仍然在2分钟后失效.
I keep hitting page link, still it expires in 2 minutes.
推荐答案
也许该问题与web.config文件中缺少静态machineKey
部分有关.当您调用FormsAuthentication.Encrypt
或FormsAuthentication.Decrypt
时,这些方法使用web.config文件中提供的machineKey值来执行操作.如果不为machineKey提供严格的值,则将在Web应用程序的起点生成新的唯一validationKey
和decryptionKey
.有时取决于服务器设置(例如,用于应用程序池设置的较小的空闲时间值),应用程序在FormsAuthenticationTicket
的到期时间之前终止.在这种情况下,由于新的machineKey
值,Decrypt方法无法验证票证.我只建议您设置一个静态的machineKey.
Maybe the problem is related to lack of static machineKey
section in the web.config file. when you call FormsAuthentication.Encrypt
or FormsAuthentication.Decrypt
, the methods use the machineKey values which is provided in the web.config file to perform the operation. if you do not provide strict values for machineKey, a new unique validationKey
and decryptionKey
would generate at the start point of the web application. sometimes depend on the server settings(for example small Idle-Time values for application pool settings), application is terminated before the expiration time of the FormsAuthenticationTicket
. in this case because of the new machineKey
values the Decrypt method can't validate the Ticket. I just recommend you to set a static machineKey.
请参阅以下链接: https://msdn.microsoft.com/en -us/library/w8h3skw9(v = vs.100).aspx
这篇关于表单身份验证slideExpiration不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!