ASP.NET窗体身份验证Cookie不到期 [英] ASP.NET Forms Authentication Cookie Not Expiring
问题描述
我在与在那里我使用ASP.NET SQL成员资格提供一个网站的一个问题。一切正常后,先登录。即,用户将被引导到登录页面,成功登录后,他们被送到他们要求原来的页面。
I'm having a problem with a site where I'm using the ASP.NET SQL Membership Provider. Everything works correctly upon first login. I.e., the user is directed to the login page, and upon successful login, they are sent the original page they requested.
不过,他们关闭浏览器后,并重新打开它,身份验证cookie仍然存在。他们可以直接进入需要身份验证无需登录任何网页。
However, after they close the browser, and re-open it, the authentication cookie is still there. They can go straight to any page that requires authentication without logging in.
我在那里我使用相同的成员资格提供其他网站,它的行为不同。当我检查在Firefox中的cookie,有问题的网站有过期:星期一,2010年4月26日下午二点23分50秒,即正常工作的网站已经过期:在会议结束。
I have another site where I'm using the same membership provider, and it behaves differently. When I inspect the cookies in Firefox, the site with the problem has "Expires: Monday, April 26, 2010 2:23:50 PM" The site that is working correctly has "Expires: At end of session".
指定到期时间的设置是为这两个网站是一样的:
The setting specifying the expiration time is the same for both sites:
authentication mode="Forms"
forms name=".MySite" protection="All" path="/"
loginUrl="mySite/login.aspx" slidingExpiration="true" timeout="30"
requireSSL="false"
authentication
(我删除了code以上的参考元素分隔符,因为它搞乱了编辑器)
(I removed the element delimiters in the code reference above, since it was messing up the editor)
最后,我要超时时间为30分钟,但我也希望cookie来当用户关闭浏览器结束。我不希望它坐活跃在机器上30分钟。这是它的行为对我工作的其他网站,我不知道有什么区别。
Ultimately, I want the timeout to be 30 minutes, but I also want the cookie to expire when the user closes the browser. I don't want it to sit active on the machine for 30 minutes. This is how it behaves on the other site I'm working on, and I'm not sure what the difference is.
谢谢
-Shane
Thanks -Shane
推荐答案
你有没有尝试在code写入cookie中的登录页面上的Cookie持久性设置为false?
Did you try setting the cookie persistence to false in the code on the login page that writes the cookie?
例如:
FormsAuthentication.RedirectFromLoginPage(userName, false);
这篇关于ASP.NET窗体身份验证Cookie不到期的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
