首先后台代码就这些使用了 forms身份验证
protected void Page_Load(object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
Response.Redirect("admin/Default.aspx");
}
protected void Button1_Click(object sender, EventArgs e)
{
string UserName = TextBox1.Text;
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, UserName, DateTime.Now, DateTime.MaxValue, true, "", FormsAuthentication.FormsCookiePath);
string encTicket = FormsAuthentication.Encrypt(ticket);
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName,encTicket));
Response.Redirect(FormsAuthentication.GetRedirectUrl(UserName, true));
}
配置文件
<authentication mode="Forms">
<forms name="aspnet" loginUrl="Login.aspx" defaultUrl="admin/AdminDefault.aspx" timeout="30"></forms>
</authentication>
30分钟超时。
但FormsAuthenticationTicket 的isPersistent已经为true了。就是说超时的话就按照DateTime.MaxValue了。但是翻了下cookies它写的是会话结束失效。怎么会这样。。
还有。。之前是用FormsAuthentication.RedirectFromLoginPage(strUserName, Ckbset.Checked);的
RedirectFromLoginPage的第2个参数true是永久或者50年吗?为什么true了它只是按照配置文件里面30分钟。false的话更惨直接又是会话结束时失效救命啊~~~
protected void Page_Load(object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
Response.Redirect("admin/Default.aspx");
}
protected void Button1_Click(object sender, EventArgs e)
{
string UserName = TextBox1.Text;
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, UserName, DateTime.Now, DateTime.MaxValue, true, "", FormsAuthentication.FormsCookiePath);
string encTicket = FormsAuthentication.Encrypt(ticket);
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName,encTicket));
Response.Redirect(FormsAuthentication.GetRedirectUrl(UserName, true));
}
配置文件
<authentication mode="Forms">
<forms name="aspnet" loginUrl="Login.aspx" defaultUrl="admin/AdminDefault.aspx" timeout="30"></forms>
</authentication>
30分钟超时。
但FormsAuthenticationTicket 的isPersistent已经为true了。就是说超时的话就按照DateTime.MaxValue了。但是翻了下cookies它写的是会话结束失效。怎么会这样。。
还有。。之前是用FormsAuthentication.RedirectFromLoginPage(strUserName, Ckbset.Checked);的
RedirectFromLoginPage的第2个参数true是永久或者50年吗?为什么true了它只是按照配置文件里面30分钟。false的话更惨直接又是会话结束时失效救命啊~~~
解决方案 »
- Winform中的CheckListBox控件能否将某项灰掉???
- 名空间使用问题
- .net 如何获取mysql的返回值
- 帮忙,水晶表的问题
- DIV問題...
- 请教:如何将word文档转换为PDF格式的文档?
- 自动增长字段使用时的困惑,请进来看看
- DataGridView中如何在输入数据后将焦点定位到指定的单元格
- 数据显示问题:如何不用GRIDVIEW显示数据库数据,最好是ASP显示的方式,但是对库的操作是在.CS里的.谢谢!!!
- 救助:搞了好几天的.net环境下的每日编译环境,都没有搞定,有做过的或者正在做的,帮帮我吧,难受死了...
- C# 如何捕获一个USB设备发送到PC的数据
- 添加KeyPress问题
private static HttpCookie GetAuthCookie(string userName, bool createPersistentCookie, string strCookiePath, bool hexEncodedTicket)
{
Initialize();
if (userName == null)
{
userName = string.Empty;
}
if ((strCookiePath == null) || (strCookiePath.Length < 1))
{
strCookiePath = FormsCookiePath;
}
DateTime utcNow = DateTime.UtcNow;
DateTime expirationUtc = utcNow.AddMinutes((double) _Timeout);
FormsAuthenticationTicket ticket = FormsAuthenticationTicket.FromUtc(2, userName, utcNow, expirationUtc, createPersistentCookie, string.Empty, strCookiePath);
string str = Encrypt(ticket, hexEncodedTicket);
if ((str == null) || (str.Length < 1))
{
throw new HttpException(SR.GetString("Unable_to_encrypt_cookie_ticket"));
}
HttpCookie cookie = new HttpCookie(FormsCookieName, str) {
HttpOnly = true,
Path = strCookiePath,
Secure = _RequireSSL
};
if (_CookieDomain != null)
{
cookie.Domain = _CookieDomain;
}
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
return cookie;
}以上是用reflector显示的.net源码,一看就明白了!
private static HttpCookie GetAuthCookie(string userName, bool createPersistentCookie, string strCookiePath, bool hexEncodedTicket)
{
Initialize();
if (userName == null)
{
userName = string.Empty;
}
if ((strCookiePath == null) || (strCookiePath.Length < 1))
{
strCookiePath = FormsCookiePath;
}
DateTime utcNow = DateTime.UtcNow;
DateTime expirationUtc = utcNow.AddMinutes((double) _Timeout);
FormsAuthenticationTicket ticket = FormsAuthenticationTicket.FromUtc(2, userName, utcNow, expirationUtc, createPersistentCookie, string.Empty, strCookiePath);
string str = Encrypt(ticket, hexEncodedTicket);
if ((str == null) || (str.Length < 1))
{
throw new HttpException(SR.GetString("Unable_to_encrypt_cookie_ticket"));
}
HttpCookie cookie = new HttpCookie(FormsCookieName, str) {
HttpOnly = true,
Path = strCookiePath,
Secure = _RequireSSL
};
if (_CookieDomain != null)
{
cookie.Domain = _CookieDomain;
}
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
return cookie;
}
以上是.net源码,一看就明白了,请看这句:
DateTime expirationUtc = utcNow.AddMinutes((double) _Timeout);
FormsAuthenticationTicket ticket = FormsAuthenticationTicket.FromUtc(2, userName, utcNow, expirationUtc, createPersistentCookie, string.Empty, strCookiePath);
虽然你给ticket设置为MaxValue,但最终用的还是Timeout设置的时间。
这只能说明微软的东西做得并不好,概念混淆,穆棱两可!
你没有为HttpCookie设置expires,默认就是会话cookie!