ASP.NET身份验证cookie仅在IE中消失,仅在特定位置消失 [英] ASP.NET authentication cookie disappears, only in IE, only from specific locations
问题描述
在一页重定向后,Internet Explorer不会保留我的身份验证cookie.
Internet explorer is not keeping my authentication cookie after one page redirect.
这里是情况:
我有一个运行在共享iis7托管上的ASP.NET 2.0 Web应用程序.该应用程序使用表单身份验证来处理登录名和用户身份,并为此在客户端计算机上编写cookie(.ASPXFORMSAUTH).
I have an ASP.NET 2.0 web application running on a shared iis7 hosting. The application uses forms authentication to handle login and user identity and writing a cookie (.ASPXFORMSAUTH) on the client machine for that purpose.
在IE(已通过版本8、9进行检查)中,从某些位置,在第一页之后未保留身份验证cookie.观察到的行为是:
in IE (checked with version 8, 9), from some locations, the authentication cookie is not being kept after the first page. The observed behavior is:
- 用户名和密码以登录表单提交
- 用户成功重定向到登录后的第一个页面(并且提琴手显示.ASPXFORMSAUTH cookie存在)
- 单击另一个链接或单击F5刷新后,将引导用户登录,并且身份验证cookie(根据fiddler)不再存在.在刷新/单击时,请求标头中缺少身份验证cookie.
在Chrome/FF中甚至在IE中都不会发生这种情况,这似乎取决于我所连接的位置.
This doesn't happen in Chrome / FF, and even in IE, it seems to be dependent on the location from which I am connected.
也都可以正常工作,并且在提琴手中也可以很好地反映出来.
also, locally (using the internal dev server in VS2008), all works fine and reflects fine in fiddler as well.
几天来,我一直在朝这个方向努力.以为这可能是一个奇怪的防火墙问题,但无法确定任何结论.
I am banging my head at it for a few days now. Thought it may be some kind of a strange firewall problem, but couldn't determine anything conclusive.
想法将不胜感激.
推荐答案
IE遭受一个怪异的错误-由于某些原因,如果域名中包含非字母数字字符,则IE不会保留cookie ...并且因此,您将不会在不同的呼叫之间保持持久会话.
IE suffers from a weird bug - for some reasons, if there are non-alphanumeric characters in the domain's name, IE won't persist cookies... and hence you'll have no persistent session between different calls.
检查您的域中是否包含非字母数字字符,例如test_domain或test-domain等.不幸的是,除了别名域或直接通过IP访问之外,我不知道有任何解决方案.您在本地没有问题的原因是您指向的是 http://localhost .一旦部署到不符合IE的域,您就会发现问题所在.
Check if your domain has non-alphanumeric characters in it, such as test_domain or test-domain or the likes. Unfortunately, I don't know any fixes for this short of aliasing the incriminated domain or accessing it directly via the IP. The reason you've got no problems locally is that you're pointing to http://localhost, which is fine. As soon as you deploy to a non IE compliant domain you'll witness the problem.
发生在我身上,花了几个小时才找出原因.希望这可以帮助.用火杀死IE的另一个原因.
Happened to me and it took hours to find out why. Hope this helps. Another reason to kill IE with fire.
这篇关于ASP.NET身份验证cookie仅在IE中消失,仅在特定位置消失的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
