表单身份验证slideExpiration不起作用 [英] Form authentication slidingExpiration does not work
问题描述
我有以下代码
int intTimeout = (FormsAuthentication.Timeout.Hours * 60) +
FormsAuthentication.Timeout.Minutes;
var authTicket = new FormsAuthenticationTicket(1, Utility.userCookie, DateTime.Now,
DateTime.Now.AddMinutes(intTimeout), true, cookieValue);
string strEncryptedTicket = HttpUtility.UrlEncode(FormsAuthentication.Encrypt(authTicket));
var authCookie = new HttpCookie(Utility.userCookie, strEncryptedTicket);
authCookie.Expires = authTicket.Expiration;
//FormsAuthentication.RedirectFromLoginPage("", false);
authCookie.Secure = FormsAuthentication.RequireSSL;
//authCookie.Secure = true;
HttpContext.Current.Response.Cookies[Utility.userCookie].Expires = authTicket.Expiration;
HttpContext.Current.Response.Cookies[Utility.userCookie].Value = authCookie.Value;
在 web.config
<authentication mode="Forms">
<forms timeout="2" slidingExpiration="true" requireSSL="true" />
</authentication>
我一直点击页面链接,它仍然在2分钟后失效.
I keep hitting page link, still it expires in 2 minutes.
推荐答案
也许该问题与web.config文件中缺少静态machineKey部分有关.当您调用FormsAuthentication.Encrypt或FormsAuthentication.Decrypt时,这些方法使用web.config文件中提供的machineKey值来执行操作.如果不为machineKey提供严格的值,则将在Web应用程序的起点生成新的唯一validationKey和decryptionKey.有时取决于服务器设置(例如,用于应用程序池设置的较小的空闲时间值),应用程序在FormsAuthenticationTicket的到期时间之前终止.在这种情况下,由于新的machineKey值,Decrypt方法无法验证票证.我只建议您设置一个静态的machineKey.
Maybe the problem is related to lack of static machineKey section in the web.config file. when you call FormsAuthentication.Encrypt or FormsAuthentication.Decrypt, the methods use the machineKey values which is provided in the web.config file to perform the operation. if you do not provide strict values for machineKey, a new unique validationKey and decryptionKey would generate at the start point of the web application. sometimes depend on the server settings(for example small Idle-Time values for application pool settings), application is terminated before the expiration time of the FormsAuthenticationTicket. in this case because of the new machineKey values the Decrypt method can't validate the Ticket. I just recommend you to set a static machineKey.
请参阅以下链接: https://msdn.microsoft.com/en -us/library/w8h3skw9(v = vs.100).aspx
这篇关于表单身份验证slideExpiration不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
