我在我的网站上使用自定义成员资格提供程序。并使用此代码登录:
private User SetupFormsAuthTicket(string userName, bool persistanceFlag)
{
User user;
UsersContext usersContext = new UsersContext();
user = usersContext.GetUser(userName);
var userId = user.UserId;
var userData = userId.ToString(CultureInfo.InvariantCulture);
var authTicket = new FormsAuthenticationTicket(1, //version
userName, // user name
DateTime.Now, //creation
DateTime.Now.AddMinutes(30), //Expiration
persistanceFlag, //Persistent
userData);
var encTicket = FormsAuthentication.Encrypt(authTicket);
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
return user;
}
但是我在我的浏览器中检查了cookie,只是保存了ASPXAUTH而没有保存ASP.NET_SessionId
我想保存ASP.NET_SessionId但persistanceFlag为true。
答案 0 :(得分:0)
如果要保留身份验证票证,则需要显式设置Cookie Expires与身份验证票证到期时间相同。
....
var encTicket = FormsAuthentication.Encrypt(authTicket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
if (authTicket.IsPersistent)
{
cookie.Expires = authTicket.Expiration;
}
Response.Cookies.Add(cookie);