是否与Web窗体身份验证工作负载均衡？ [英] Does Forms Authentication work with Web Load Balancers?

问题描述

我的工作就是使用窗体身份验证的Web应用程序。

I'm working on a web application that is using Forms authentication.

    <authentication mode="Forms">
        <forms slidingExpiration="true"
         loginUrl="~/User.aspx/LogOn"
         timeout="15"
         name="authToken"  />
    </authentication>

我看到这个cookie设置在浏览器中，当我登录：

I'm seeing this cookie set in my browser when I log in:

现在的问题是，当我把这个网站在负载平衡模式会发生什么？哪里ASP.net会话cookie被设置？我没有明确的做在code，所以我认为这是发生在幕后的某处在ASP.Net。

The question is what happens when I put this website in a load balanced model? Where is the ASP.net session cookie being set? I didn't explicitly do it in code, so I assume it's happening behind the scenes somewhere in ASP.Net.

此外，如果会话cookie是由Web服务器设置，我认为web服务器B将无法识别它，并把它作为一个无效的会话。如果是这样的话，我可能不想使用它，对吗？

Also, If the session cookie is set by web server A, I assume web server B won't recognize it and treat it as an invalid session. If this is the case, I probably don't want to use it, right?

推荐答案

您必须设置机器密钥是相同的，并要在两台机器上相同的名字......如果做到这一点，你应该有没有问题，负载窗体身份验证平衡。

You'll have to set the machine key to be the same and the name to be the same on both machines...if this is done you should have no problems load balancing with forms auth.

        <authentication mode="Forms">
        <forms loginUrl="~/Login/Index" defaultUrl="~/"
                     name=".myportal"
                     protection="All" slidingExpiration="true" timeout="20" path="/"
                     requireSSL="false"></forms>
    </authentication>

    <machineKey validationKey="534766AC57A2A2F6A71E6F0757A6DFF55526F7D30A467A5CDE102D0B50E0B58D613C12E27E7E778D137058E" decryptionKey="7059303602C4B0B3459A20F9CB631" decryption="Auto" validation="SHA1"/>

会话可以稍微复杂一些。您可以在ASP.Net会话状态存储在数据库中或使用共享会话提供商使其可用于负载平衡为好。

Sessions can get slightly more complicated. You can store the ASP.Net session state in the database or use a shared session provider to make it available for load balancing as well.

下面是在数据库存储会话状态的好文章： http://idunno.org/articles /277.aspx

Here is a good article on storing session state in the DB: http://idunno.org/articles/277.aspx

这篇关于是否与Web窗体身份验证工作负载均衡？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！