我使用的ASP.NET表单身份验证似乎在线工作正常,但在我的开发环境中却不适用于Internet Explorer,Firefox和Chrome。据我所知,IIS在请求页面时没有发送Set-Cookie HTTP标头:
GET http://127.0.0.1:81/ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: nb-NO
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 127.0.0.1:81
DNT: 1
Connection: Keep-Alive
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 08 Oct 2014 19:24:58 GMT
Content-Length: 13322
我尝试将127.0.0.1 www.example.com添加到\Windows\System32\drivers\etc\hosts文件并访问http://www.example.com:81,但这没有效果。这是我的web.config设置:
<!-- ASP.NET forms authentication is enabled by default -->
<authentication mode="Forms">
<!-- Set the page to redirect to when the user attempts to access a restricted resource -->
<forms loginUrl="~/Account/Login.aspx" timeout="2880" />
</authentication>
答案 0 :(得分:0)
如果在ASP.NET网页中没有发送cookie,我总是设置一个虚拟cookie,从而找到了解决办法:
/// <summary>
/// Force the browser to use cookies if none are in use.
/// Sets an empty cookie.
/// </summary>
void ForceCookiesIfRequired()
{
if (Request.Cookies == null || Request.Cookies.Count == 0)
{
// No cookies, so set a dummy blank one
var cookie1 = new HttpCookie(FormsAuthentication.FormsCookieName, String.Empty) { Expires = DateTime.Now.AddYears(-1) };
Response.Cookies.Add(cookie1);
}
}
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
// Force the use of cookies if none are sent
ForceCookiesIfRequired();
}
我之前从来没有这么做过,有一些微软补丁或升级破碎的ASP.NET表单身份验证吗?检查自己的解决方案的一种方法是清除我猜的cookie。这会强制IIS服务器发送Set-Cookie HTTP标头。