IIS会话超时和表单身份验证循环 [英] IIS Session timeout and Forms Authentication loop

问题描述

我的应用程序似乎存在超时问题并形成了身份验证循环.该应用程序基于MVC3，并且AJAX繁重.我发现，即使用户不断地在应用程序上工作并且不处于空闲状态，有时他们也会被踢出，然后表单身份验证进入重定向循环，并出现302错误.

I seem to have a problem with timeouts and forms authentication loops in my application. The application is MVC3 based and is AJAX heavy. I find that even when a user is continuously working on the application and not being idle, sometimes they get kicked out and then forms authentication goes into a redirect loop with a 302 error.

该应用程序由提供程序托管，该提供程序告诉我他们已将会话超时增加到60分钟.我对应用程序的web.config设置如下.

The application is hosted with a provider who tells me they have increased the session timeouts to 60 mint. My web.config setting for the application is as follows.

<authentication mode="Forms">
      <forms loginUrl="~/Account/LogOn" timeout="2880" cookieless="UseCookies" slidingExpiration="true"/>
    </authentication>

我为什么会出现会话超时?我有什么设置可以检查/更改以阻止这种情况发生吗?

Why would I be getting the session timeouts? Is there any setting I can check up/change to stop this happening?

谢谢你，

推荐答案

我终于知道发生了什么事.首先，我在基本控制器上有一个会话过滤器，该过滤器捕获会话超时并将其重定向到Account/LogOn.删除此选项将导致重定向循环.

I finally figured out what was happening. Firstly, I had a Session filter on my base controller, that was catching session timeouts and redirecting it to Account/LogOn. Removing this took out the redirect loops.

我还更改了代码以不使用Session变量，以解决频繁会话超时的问题.现在，此问题已解决.我希望这可以帮助其他在类似问题上苦苦挣扎的人.请记住并检查您在代码中可能使用的任何类型的自定义属性过滤器.

I also changed my code to NOT use Session variables, to get around the issue of frequent session timeouts. And this has now been resolved. I hope this helps anybody else out there struggling with similar issues. Do remember and check for any kind of custom attribute filters you may be using in your code.

这篇关于IIS会话超时和表单身份验证循环的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！