什么是ASPXAUTH饼干吗？ [英] what is ASPXAUTH cookie?

问题描述

虽然与ASP.Net工作窗体身份验证我碰到了.ASPXAUTH的cookie。我有几个问题：

While working with ASP.Net Forms Authentication I came across the .ASPXAUTH cookie. I have a couple questions:

• 什么是这个cookie的目的是什么？


• 什么是这个cookie的位置？

推荐答案

该ASPXAUTH Cookie用于确定用户身份验证。

The ASPXAUTH cookie is used to determine if a user is authenticated.

至于cookie的位置，这取决于你的浏览器。如果您使用的是Firefox，你可以通过点击工具查看饼干 - >选项 - >隐私。然后向下滚动到域并展开以查看该cookie和它的值。该值是使用机器密钥（位于服务器的machine.config或web.config文件），所以看在客户端上的cookie不会真正为您提供的任何信息进行加密。您可以解密/使用查看服务器端的值：

As far as the location of the cookie, that depends on your browser. If you are using Firefox you can view the cookie by clicking on Tools -> Options -> Privacy. Then scroll down to the domain and expand it to see the cookie and its value. The value is encrypted using the machine key (located in the server's machine.config or web.config file) so looking at the cookie on the client won't really provide you any information. You can decrypt/view the value on the server side using:

HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];//.ASPXAUTH
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

其中， authTicket 有以下字段：

语句ASPXAUTH基本上是用来维持ASP.NET会话状态是不正确。 ASP.NET发出一个完全不同的cookie，名为ASP.NET_SessionId，跟踪会话状态。

The statement "ASPXAUTH is basically used to maintain ASP.NET Session State" is incorrect. ASP.NET issues an entirely different cookie, named ASP.NET_SessionId, to track session state.

这篇关于什么是ASPXAUTH饼干吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！