同步不同子域中的Cookie和会话（asp.net） [英] sync cookies and sessions in different subdomains (asp.net)

问题描述

我在asp.net中建立一个网站，并有多个子网域。例如，
one.cookies.com
two.cookies.com

I am building a site in asp.net and have multiple subdomains. For example, one.cookies.com two.cookies.com

我希望我的用户能够在任一子域中登录，并且登录这两个网站。此外，我希望会话和Cookie 保持同步。

I want my users to be able to login at either subdomain and be logged in for both websites. In addition, I'd like the sessions and cookies to be in sync. So far I haven't found a reliable way to do this.

推荐答案

当你创建cookie时，你可以设置域：

When you create the cookie you can set the domain:

HttpCookie cookie = new HttpCookie("name", "value");
cookie.Domain = "cookies.com";

这将允许您从cookie.com的所有子域访问您的cookie。

This will allow your cookie to be accessible from all subdomains of cookies.com.

如果您使用FormsAuthentication，那么您可以在web.config中设置auth cookie的域：

If you are using FormsAuthentication then you can set the domain for the auth cookie in web.config:

<forms name=".ASPXAUTH"
       loginUrl="login.aspx"
       defaultUrl="default.aspx"
       protection="All"
       timeout="30"
       path="/"
       requireSSL="false"
       domain="cookies.com">
</forms>

请记住，对于单个登录来处理多个子域，ASP.NET应用程序必须共享相同的机器密钥此CodeProject 文章。

Remember that for the single sign-on to work on multiple subdomains your ASP.NET applications must share the same machine keys as explained in this CodeProject article.

不同子域（不同的工作进程）之间共享会话更为困难，因为会话限制在应用程序中，您必须实现自定义会话同步机制。

Sharing sessions between different subdomains (different worker processes) is more difficult because sessions are constrained to an application and you will have to implement a custom session synchronization mechanism.

这篇关于同步不同子域中的Cookie和会话（asp.net）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！