ASP.Net删除/过期会话Cookie [英] ASP.Net delete/expire session cookies
问题描述
我们有许多内部公司ASP.Net应用程序。所有都使用表单身份验证,并且都是基于会话的...
We have a number of internal company ASP.Net applications. All use Forms Authentication and all are session based...
我要做的是,当用户从一个应用程序中注销时,他/她从所有应用程序中注销应用程序。
What I am trying to do is when a user logs out of one application he/she is logged out of all applications.
我有一些逻辑可以迭代cookie集合。我可以看到所有其他ASP.Net应用程序,但无法删除它们。
I have some logic that iterates the cookies collection. I can see all the other ASP.Net applications but I can not remove them.
我目前使用以下逻辑:
// expire all asp.net app tickets
string[] allDomainCookes = HttpContext.Current.Request.Cookies.AllKeys;
foreach (string domainCookie in allDomainCookes)
{
if (domainCookie.Contains("ASPXAUTH"))
{
var expiredCookie = new HttpCookie(domainCookie) { Expires = DateTime.Now.AddDays(-1) };
HttpContext.Current.Response.Cookies.Add(expiredCookie);
}
}
HttpContext.Current.Request.Cookies.Clear();
由于某些原因,它们未被删除。我知道它们都在那里,因为我已经将它们写到了页面上。他们只是没有被删除....这是因为这些是会话cookie?
For some reason they are not being removed. I know they are all there because I have written them to the page. They are just not being removed....is this because these are session cookies?
我还应该添加它们都是某个域的所有子域,因此所有权不成问题?
Also I should add they are all sub-domains of the some domain so ownership should not be an issue?
推荐答案
实际上...我刚刚发现了问题。我还需要指定域
Actually...I've just found the problem. I need to specify the domain as well
string[] allDomainCookes = HttpContext.Current.Request.Cookies.AllKeys;
foreach (string domainCookie in allDomainCookes)
{
if (domainCookie.Contains("ASPXAUTH"))
{
var expiredCookie = new HttpCookie(domainCookie) {
Expires = DateTime.Now.AddDays(-1),
Domain = ".mydomain"
};
HttpContext.Current.Response.Cookies.Add(expiredCookie);
}
}
HttpContext.Current.Request.Cookies.Clear();
这篇关于ASP.Net删除/过期会话Cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!