FormsAuthentication.SetAuthCookie(”UserName",false)能保存多长时间?
相关代码如下:
登陆时:
int userId = security.Login(txtUserName.Text,Security.Encrypt( txtPassword.Text.Trim()));if ( userId != -1 )
{
// Use security system to set the UserID within a client-side Cookie
FormsAuthentication.SetAuthCookie( txtUserName.Text,(lstSavePassword.SelectedIndex == 0 ? false:true));
....在Global文件中:
if (Request.IsAuthenticated == true)
{
...
cookie.Expires = DateTime.Now.AddMinutes(saveDate);
ticket = new FormsAuthenticationTicket(
1, // version
Context.User.Identity.Name, // user name
DateTime.Now, // issue time
DateTime.Now.AddMinutes( saveDate ), // expires every hour
false, // don't persist cookie
roleStr // roles
);
}
String cookieStr = FormsAuthentication.Encrypt(ticket);
cookie.Values.Add("ticket",cookieStr);
...
Response.Cookies.Add(cookie);
}web.config中有如下设置:
...
<authentication mode="Forms">
<forms name=".DIGITALKM" protection="All" timeout="60" />
</authentication>
...每次登陆完不保存密码,过一会再登陆,显示已没有登陆,可是明明authentication 中设置为60分钟啊!经查cookies中仍有内容。当FormsAuthentication.SetAuthCookie(”UserName",false)时不是读取config中的timeout吗?这个问题弄得我要死了!求救啊!!
相关代码如下:
登陆时:
int userId = security.Login(txtUserName.Text,Security.Encrypt( txtPassword.Text.Trim()));if ( userId != -1 )
{
// Use security system to set the UserID within a client-side Cookie
FormsAuthentication.SetAuthCookie( txtUserName.Text,(lstSavePassword.SelectedIndex == 0 ? false:true));
....在Global文件中:
if (Request.IsAuthenticated == true)
{
...
cookie.Expires = DateTime.Now.AddMinutes(saveDate);
ticket = new FormsAuthenticationTicket(
1, // version
Context.User.Identity.Name, // user name
DateTime.Now, // issue time
DateTime.Now.AddMinutes( saveDate ), // expires every hour
false, // don't persist cookie
roleStr // roles
);
}
String cookieStr = FormsAuthentication.Encrypt(ticket);
cookie.Values.Add("ticket",cookieStr);
...
Response.Cookies.Add(cookie);
}web.config中有如下设置:
...
<authentication mode="Forms">
<forms name=".DIGITALKM" protection="All" timeout="60" />
</authentication>
...每次登陆完不保存密码,过一会再登陆,显示已没有登陆,可是明明authentication 中设置为60分钟啊!经查cookies中仍有内容。当FormsAuthentication.SetAuthCookie(”UserName",false)时不是读取config中的timeout吗?这个问题弄得我要死了!求救啊!!
1。关闭页面而不是退出页面,关闭进入原页面,却发现已不属于登陆的人员了。但检查cookies有内容。!
ticket = new FormsAuthenticationTicket(
1, // version
Context.User.Identity.Name, // user name
DateTime.Now, // issue time
DateTime.Now.AddMinutes( saveDate ), // expires every hour
false, // don't persist cookie
roleStr // roles
);
}
String cookieStr = FormsAuthentication.Encrypt(ticket);
cookie.Values.Add("ticket",cookieStr);}
虽然在web.config中设置了时间,但这个时间是用户在线的时间,一当用户关闭刘览器,用户不在线了,那个这样时间也就无效了。用户再次登陆时,这个时间也就无效了,需要重新登陆。但是,当用户在线的时间超过了web.config中的时间时,自动要求用户重新登陆。
不知我理解的对不对? 有这样的理解才能与cookie同步啊!