在浏览器中不保存Owin Cookie身份验证设置Cookie [英] Owin cookie authentication set-cookie not saving in browser

问题描述

我建立自托管的Web服务器栈中的：
OWIN
南希
网页API 2

和我使用Microsoft.Owin.Security.Cookies从卡塔纳表单，如身份验证。我得到了set-cookie头响应，但饼干不被保存，不被包含在一个请求。那么，有什么问题呢？我做错了吗？

Owin启动：

  app.UseCookieAuthentication（新CookieAuthenticationOptions（）
        {
            AuthenticationMode = AuthenticationMode.Active，
            AuthenticationType =GM，
            CookieHttpOnly = TRUE，
            CookieSec​​ure = CookieSec​​ureOption.SameAsRequest，
            CookiePath =/，
            CookieName = CookieAuthenticationDefaults.Cookie preFIX +GM，
            CookieDomain =localhost的，
        }）;
 

控制器code：

  VAR背景= Request.GetOwinContext（）;
context.Authentication.SignIn（新AuthenticationProperties（）
    {
        IsPersistent =真
    }，
    新ClaimsIdentity（新[] {新的索赔（ClaimsIdentity.DefaultNameClaimType，user.Login）}，GM））;
context.Response.Headers.Add（位置，新的[] {/}）;
返回Request.CreateResponse（的HTTPStatus code.Found）;
 

响应头：

 的Cache-Control：no-cache的
内容长度：0
日期：星期三，2013年9月11日11时11分23秒GMT
过期：-1
位置：/
编译：无缓存
服务器：HTTPAPI / 2.0
Set-Cookie:.AspNet.GM=AQAAANCMnd8BFdERjHoAwE_Cl-sBAAAABui2rBibE0yPXB0-v3C06gAAAAACAAAAAAAQZgAAAAEAACAAAAC1mQV3jGo_WAhMQ-hzsmzgkdbdCclWIAX-msbE0_12zQAAAAAOgAAAAAIAACAAAABuQjBg3EJIka151hvBgtlPGfQ2O_cwNI2VVh86dchTDXAAAAD21O9DnNk4yLU9eddVfY3bT9P1CEudNeLvwohkSTAQBP2onuIQfgl9F99Je5waPddckh2llD2kjftSMQPhzgE9vKm-_wE42hXhc9FIgfxpD5AdaeGatwpEcwDfGJJdpQnObX1pbjEFIXLVJxGm5qMUQAAAAC8AiFTaXmzrfRy4-jR6zqMmSKddzddmiBLGClAckWOy6W2YWdf50N2zhIj_MwN8-zi-B0tlv87pzAt-6RDZYZs;域=本地主机;路径= /;到期=周三，25月 -  2013格林尼治标准​​时间11时11分24秒;仅Http
 

解决方案

我解决了问题。这是因为域名本地主机='。这似乎'localhost'的不是域参数有效值。

I am building self-hosted web server on this stack: OWIN Nancy Web Api 2

And I am using Microsoft.Owin.Security.Cookies from Katana for forms-like authentication. I got Set-Cookie header in response, but cookie don't being saved and not being included in next request. So what's the problem? What I am doing wrong?

Owin startup:

app.UseCookieAuthentication(new CookieAuthenticationOptions()
        {
            AuthenticationMode = AuthenticationMode.Active,
            AuthenticationType = "GM",
            CookieHttpOnly = true,
            CookieSecure = CookieSecureOption.SameAsRequest,
            CookiePath = "/",
            CookieName = CookieAuthenticationDefaults.CookiePrefix + "GM",
            CookieDomain = "localhost",
        });

Controller code:

var context = Request.GetOwinContext();
context.Authentication.SignIn(new AuthenticationProperties()
    {
        IsPersistent = true
    },
    new ClaimsIdentity(new[] {new Claim(ClaimsIdentity.DefaultNameClaimType, user.Login)}, "GM"));
context.Response.Headers.Add("Location", new []{ "/" });
return Request.CreateResponse(HttpStatusCode.Found);

Response headers:

Cache-Control:no-cache
Content-Length:0
Date:Wed, 11 Sep 2013 11:11:23 GMT
Expires:-1
Location:/
Pragma:no-cache
Server:Microsoft-HTTPAPI/2.0
Set-Cookie:.AspNet.GM=AQAAANCMnd8BFdERjHoAwE_Cl-sBAAAABui2rBibE0yPXB0-v3C06gAAAAACAAAAAAAQZgAAAAEAACAAAAC1mQV3jGo_WAhMQ-hzsmzgkdbdCclWIAX-msbE0_12zQAAAAAOgAAAAAIAACAAAABuQjBg3EJIka151hvBgtlPGfQ2O_cwNI2VVh86dchTDXAAAAD21O9DnNk4yLU9eddVfY3bT9P1CEudNeLvwohkSTAQBP2onuIQfgl9F99Je5waPddckh2llD2kjftSMQPhzgE9vKm-_wE42hXhc9FIgfxpD5AdaeGatwpEcwDfGJJdpQnObX1pbjEFIXLVJxGm5qMUQAAAAC8AiFTaXmzrfRy4-jR6zqMmSKddzddmiBLGClAckWOy6W2YWdf50N2zhIj_MwN8-zi-B0tlv87pzAt-6RDZYZs; domain=localhost; path=/; expires=Wed, 25-Sep-2013 11:11:24 GMT; HttpOnly

解决方案

I resolved the issue. It was because 'domain=localhost'. It seems to 'localhost' isn't valid value for domain parameter.

这篇关于在浏览器中不保存Owin Cookie身份验证设置Cookie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！