IIS会话超时和表单身份验证循环 [英] IIS Session timeout and Forms Authentication loop
问题描述
我的应用程序似乎存在超时问题并形成了身份验证循环.该应用程序基于MVC3,并且AJAX繁重.我发现,即使用户不断地在应用程序上工作并且不处于空闲状态,有时他们也会被踢出,然后表单身份验证进入重定向循环,并出现302错误.
I seem to have a problem with timeouts and forms authentication loops in my application. The application is MVC3 based and is AJAX heavy. I find that even when a user is continuously working on the application and not being idle, sometimes they get kicked out and then forms authentication goes into a redirect loop with a 302 error.
该应用程序由提供程序托管,该提供程序告诉我他们已将会话超时增加到60分钟.我对应用程序的web.config设置如下.
The application is hosted with a provider who tells me they have increased the session timeouts to 60 mint. My web.config setting for the application is as follows.
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="2880" cookieless="UseCookies" slidingExpiration="true"/>
</authentication>
我为什么会出现会话超时?我有什么设置可以检查/更改以阻止这种情况发生吗?
Why would I be getting the session timeouts? Is there any setting I can check up/change to stop this happening?
谢谢你,
推荐答案
我终于知道发生了什么事.首先,我在基本控制器上有一个会话过滤器,该过滤器捕获会话超时并将其重定向到Account/LogOn.删除此选项将导致重定向循环.
I finally figured out what was happening. Firstly, I had a Session filter on my base controller, that was catching session timeouts and redirecting it to Account/LogOn. Removing this took out the redirect loops.
我还更改了代码以不使用Session变量,以解决频繁会话超时的问题.现在,此问题已解决.我希望这可以帮助其他在类似问题上苦苦挣扎的人.请记住并检查您在代码中可能使用的任何类型的自定义属性过滤器.
I also changed my code to NOT use Session variables, to get around the issue of frequent session timeouts. And this has now been resolved. I hope this helps anybody else out there struggling with similar issues. Do remember and check for any kind of custom attribute filters you may be using in your code.
这篇关于IIS会话超时和表单身份验证循环的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!