为什么Asp.net MVC4不能使用SQL Server会话状态存储的cookie的 [英] Why Asp.net MVC4 can not use the cookieless of SQL Server Session state storage

查看:250
本文介绍了为什么Asp.net MVC4不能使用SQL Server会话状态存储的cookie的的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

ALL,这是在Asp.net MVC4应用我的web配置。我发现如果我设置cookie的假的,一切顺利。但如果我不希望使用的cookie。那么应用程序不能work.when我调试应用程序,我发现控制器无法接收来自视图的任何请求。我觉得这是因为当在cookie的模式下,事情会前追加到URL。如http:/ /本地主机:8119 /(S(3cicpjpagvpunr5he5fnfrj1))/ 

 <结构>
  < configSections>
    < sectionGroup NAME =system.web.webPages.razorTYPE =System.Web.WebPages.Razor.Configuration.RazorWebSectionGroup,System.Web.WebPages.Razor,版本= 2.0.0.0,文化=中性公钥= 31BF3856AD364E35 >
      <节名称=webAssetsTYPE =Telerik.Web.Mvc.Configuration.WebAssetConfigurationSection,Telerik.Web.MvcrequirePermission =FALSE/>
      <! - 有关Entity Framework的配置的详细信息,请访问http://go.microsoft.com/fwlink/?LinkID=237468  - >
      <节名称=的EntityFrameworkTYPE =System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection,的EntityFramework,版本= 4.4.0.0,文化=中性公钥= b77a5c561934e089requirePermission =FALSE/>
    < / sectionGroup>
  < / configSections>  <&是connectionStrings GT;
    <添加名称=...的connectionString =...的providerName =System.Data.SqlClient的/>
  < /&是connectionStrings GT;
  <&的appSettings GT;
    <添加键=网页:版本值=2.0.0.0/>
    <添加键=网页:启用VALUE =真/>
    <添加关键=preserveLoginUrlVALUE =真/>
    <添加键=ClientValidationEnabledVALUE =真/>
    <添加键=UnobtrusiveJavaScriptEnabledVALUE =真/>
  < /的appSettings>
  <&的System.Web GT;
    <的customErrors模式=关/>
    <的httpRuntime executionTimeout =14400的maxRequestLength =716800/>
    <编译调试=真targetFramework =4.0/>
    <身份验证模式=表格>
      <形式loginUrl =〜/帐号/登录超时=2880/>
    < /认证>
    <网页和GT;
      <&命名空间GT;
        <添加命名空间=System.Web.Helpers/>
        <添加命名空间=System.Web.Mvc/>
        <添加命名空间=System.Web.Mvc.Ajax/>
        <添加命名空间=System.Web.Mvc.Html/>
        <添加命名空间=System.Web.Routing/>
        <添加命名空间=System.Web.WebPages/>
        <添加命名空间=Telerik.Web.Mvc.UI/>
      < /命名空间>
    < /页>
    <型材defaultProvider =DefaultProfileProvider>
      <供应商>
        <添加名称=DefaultProfileProviderTYPE =System.Web.Providers.DefaultProfileProvider,System.Web.Providers,版本= 1.0.0.0,文化=中性公钥= 31bf3856ad364e35的connectionStringName =DefaultConnection的applicationName =// >
      < /供应商>
    < / profile文件>
    <会员defaultProvider =DefaultMembershipProvider>
      <供应商>
        <添加名称=DefaultMembershipProviderTYPE =System.Web.Providers.DefaultMembershipProvider,System.Web.Providers,版本= 1.0.0.0,文化=中性公钥= 31bf3856ad364e35的connectionStringName =DefaultConnectionenablePasswordRetrieval =false的enablePasswordReset设置=真requiresQuestionAndAnswer =假requiresUniqueEmail =假maxInvalidPasswordAttempts =5minRequiredPasswordLength =6minRequiredNonalphanumericCharacters =0passwordAttemptWindow =10的applicationName =//>
      < /供应商>
    < /会员>
    < roleManager defaultProvider =DefaultRoleProvider>
      <供应商>
        <添加名称=DefaultRoleProviderTYPE =System.Web.Providers.DefaultRoleProvider,System.Web.Providers,版本= 1.0.0.0,文化=中性公钥= 31bf3856ad364e35的connectionStringName =DefaultConnection的applicationName =// >
      < /供应商>
    < / roleManager>
    &所述;! - &下;的sessionState模式=是InProc超时=30customProvider =DefaultSessionProvider>
      <供应商>
        <添加名称=DefaultSessionProviderTYPE =System.Web.Providers.DefaultSessionStateProvider,System.Web.Providers,版本= 1.0.0.0,文化=中性公钥= 31bf3856ad364e35的connectionStringName =DefaultConnection的applicationName =// >
      < /供应商>
    < /&的sessionState GT; - >
    <的sessionState模式=SQLServer的无Cookie =真sqlConnectionString =数据源= XXXX;用户ID = XXXX;密码= XXXX超时=300sqlCommandTimeout =10/>
    <&HttpHandlers的GT;
      <添加动词=GET,HEAD路径=asset.axd验证=假TYPE =Telerik.Web.Mvc.WebAssetHttpHandler,Telerik.Web.Mvc/>
    < / HttpHandlers的>
  < /system.web>
  < system.webServer>
    <安全>
      <&的requestFiltering GT;
        < requestLimits maxAllowedContentLength =30亿/>
      < /&的requestFiltering GT;
    < /安全>
    <验证validateIntegratedModeConfiguration =FALSE/>
    <模块runAllManagedModulesForAllRequests =真/>
    < directoryBrowse启用=真/>
    <&处理GT;
      <清除NAME =资产/>
      <添加名称=资产preCondition =integratedMode动词=GET,HEAD路径=asset.axdTYPE =Telerik.Web.Mvc.WebAssetHttpHandler,Telerik.Web.Mvc/>
    < /处理器>
  < /system.webServer>
  <&运行GT;
    < assemblyBinding的xmlns =瓮:架构 - 微软COM:asm.v1>
      < dependentAssembly>
        < assemblyIdentity名称=System.Web.Helpers公钥=31bf3856ad364e35/>
        < bindingRedirect oldVersion =1.0.0.0-2.0.0.0NEWVERSION =2.0.0.0/>
      < / dependentAssembly>
      < dependentAssembly>
        < assemblyIdentity名称=System.Web.Mvc公钥=31bf3856ad364e35/>
        < bindingRedirect oldVersion =0.0.0.0-4.0.0.0NEWVERSION =4.0.0.0/>
      < / dependentAssembly>
      < dependentAssembly>
        < assemblyIdentity名称=System.Web.WebPages公钥=31bf3856ad364e35/>
        < bindingRedirect oldVersion =0.0.0.0-2.0.0.0NEWVERSION =2.0.0.0/>
      < / dependentAssembly>
      < dependentAssembly>
        < assemblyIdentity名称=Microsoft.WindowsAzure.StorageClient公钥=31bf3856ad364e35文化=中性/>
        < bindingRedirect oldVersion =0.0.0.0-1.7.0.0NEWVERSION =1.7.0.0/>
      < / dependentAssembly>
    < / assemblyBinding>
  < /运行>
 < /结构>


解决方案

有一个在 Html.BeginForm()助手(错误的一个不带任何参数)与使用时无Cookie =真正的。生成的URL时,它没有考虑到的会话ID。因此,而不是:

 <形式的行动=/(S(kkt0zgbnuaoxad23ew33iod4))/家庭/指数的方法=后>

它生成:

 <形式的行动=/家/指数的方法=后>

当你邮寄到 /家庭/指数重定向是自动发 /(S(kkt0zgbnuaoxad23ew33iod4))由ASP.NET。一个重定向是指一个GET请求=>您的POST操作将永远不会被击中。

正如你可以写一个自定义的 Html.BeginForm 助手来修复bug一种解决方法:

 公共静态类FormExtensions
{
    公共静态IDisposable的MyBeginForm(此的HtmlHelper的HtmlHelper)
    {
        VAR rawUrl = htmlHelper.ViewContext.HttpContext.Request.RawUrl;
        VAR formAction = htmlHelper.ViewContext.HttpContext.Response.ApplyAppPathModifier(〜/)+ rawUrl;
        VAR建设者=新TagBuilder(形式);
        builder.MergeAttributes(新RouteValueDictionary());
        builder.MergeAttribute(行动,formAction);
        builder.MergeAttribute(办法,HtmlHelper.GetFormMethodString(FormMethod.Post),TRUE);
        htmlHelper.ViewContext.Writer.Write(builder.ToString(TagRenderMode.StartTag));
        VAR形式=新MvcForm(htmlHelper.ViewContext);
        回执;
    }
}

然后使用:

  @using(Html.MyBeginForm())
{
    ...
}

至于BeginForm助手的其他重载而言,他们应该正常工作,并生成包含会话ID采取适当的行动。

ALL, Here is my web config in a Asp.net MVC4 application. I found if I set cookieless false ,everything goes fine. but If I don't want use cookie . then the application can not work.when I debug the application, I found the controller can not receive any request from the view. I think It is because when in the cookie-less mode, Something would be appended to the url before . like http:/ /localhost:8119/(S(3cicpjpagvpunr5he5fnfrj1))/.

<configuration>
  <configSections>
    <sectionGroup name="system.web.webPages.razor" type="System.Web.WebPages.Razor.Configuration.RazorWebSectionGroup, System.Web.WebPages.Razor, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
      <section name="webAssets" type="Telerik.Web.Mvc.Configuration.WebAssetConfigurationSection, Telerik.Web.Mvc" requirePermission="false" />
      <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
      <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=4.4.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
    </sectionGroup>
  </configSections>

  <connectionStrings>
    <add name="..." connectionString="..." providerName="System.Data.SqlClient" />
  </connectionStrings>
  <appSettings>
    <add key="webpages:Version" value="2.0.0.0" />
    <add key="webpages:Enabled" value="true" />
    <add key="PreserveLoginUrl" value="true" />
    <add key="ClientValidationEnabled" value="true" />
    <add key="UnobtrusiveJavaScriptEnabled" value="true" />
  </appSettings>
  <system.web>
    <customErrors mode="Off" />
    <httpRuntime executionTimeout="14400" maxRequestLength="716800" />
    <compilation debug="true" targetFramework="4.0" />
    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login" timeout="2880" />
    </authentication>
    <pages>
      <namespaces>
        <add namespace="System.Web.Helpers" />
        <add namespace="System.Web.Mvc" />
        <add namespace="System.Web.Mvc.Ajax" />
        <add namespace="System.Web.Mvc.Html" />
        <add namespace="System.Web.Routing" />
        <add namespace="System.Web.WebPages" />
        <add namespace="Telerik.Web.Mvc.UI" />
      </namespaces>
    </pages>
    <profile defaultProvider="DefaultProfileProvider">
      <providers>
        <add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
      </providers>
    </profile>
    <membership defaultProvider="DefaultMembershipProvider">
      <providers>
        <add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
      </providers>
    </membership>
    <roleManager defaultProvider="DefaultRoleProvider">
      <providers>
        <add name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
      </providers>
    </roleManager>
    <!-- <sessionState mode="InProc" timeout="30" customProvider="DefaultSessionProvider">
      <providers>
        <add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
      </providers>
    </sessionState> -->
    <sessionState mode="SQLServer" cookieless="true" sqlConnectionString="data source=xxxx; User ID=xxxx; password=xxxx" timeout="300" sqlCommandTimeout="10" />
    <httpHandlers>
      <add verb="GET,HEAD" path="asset.axd" validate="false" type="Telerik.Web.Mvc.WebAssetHttpHandler, Telerik.Web.Mvc" />
    </httpHandlers>
  </system.web>
  <system.webServer>
    <security>
      <requestFiltering>
        <requestLimits maxAllowedContentLength="3000000000" />
      </requestFiltering>
    </security>
    <validation validateIntegratedModeConfiguration="false" />
    <modules runAllManagedModulesForAllRequests="true" />
    <directoryBrowse enabled="true" />
    <handlers>
      <remove name="asset" />
      <add name="asset" preCondition="integratedMode" verb="GET,HEAD" path="asset.axd" type="Telerik.Web.Mvc.WebAssetHttpHandler, Telerik.Web.Mvc" />
    </handlers>
  </system.webServer>
  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-2.0.0.0" newVersion="2.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="2.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.WindowsAzure.StorageClient" publicKeyToken="31bf3856ad364e35" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-1.7.0.0" newVersion="1.7.0.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
 </configuration>

解决方案

There's a bug in the Html.BeginForm() helper (the one that doesn't take any arguments) when used with cookieless="true". It doesn't take into account the session id when generating the url. So instead of:

<form action="/(S(kkt0zgbnuaoxad23ew33iod4))/home/index" method="post">

it generates:

<form action="/home/index" method="post">

When you post to /home/index a redirect is automatically made to /(S(kkt0zgbnuaoxad23ew33iod4)) by ASP.NET. A redirect means a GET request => your POST action will never be hit.

As a workaround you could write a custom Html.BeginForm helper to fix the bug:

public static class FormExtensions
{
    public static IDisposable MyBeginForm(this HtmlHelper htmlHelper)
    {
        var rawUrl = htmlHelper.ViewContext.HttpContext.Request.RawUrl;
        var formAction = htmlHelper.ViewContext.HttpContext.Response.ApplyAppPathModifier("~/") + rawUrl;
        var builder = new TagBuilder("form");
        builder.MergeAttributes(new RouteValueDictionary());
        builder.MergeAttribute("action", formAction);
        builder.MergeAttribute("method", HtmlHelper.GetFormMethodString(FormMethod.Post), true);
        htmlHelper.ViewContext.Writer.Write(builder.ToString(TagRenderMode.StartTag));
        var form = new MvcForm(htmlHelper.ViewContext);
        return form;
    }
}

and then use:

@using (Html.MyBeginForm())
{
    ...
}

As far as the other overloads of the BeginForm helper are concerned, they should work fine and generate proper action containing the session id.

这篇关于为什么Asp.net MVC4不能使用SQL Server会话状态存储的cookie的的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
ASP .NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆