我如何使用FormsAuthentication:
app1.example.com:
的web.config:
<authentication mode="Forms">
<forms name="example" loginUrl="login.aspx" domain=".example.com" protection="All" path="/" timeout="30" cookieless="UseCookies" enableCrossAppRedirects="true" />
</authentication>
app2.example.com:
的web.config:
<authentication mode="Forms">
<forms name="example" loginUrl="http://app1.example.com/login.aspx" domain=".example.com" protection="All" path="/" timeout="30" cookieless="UseCookies" enableCrossAppRedirects="true" />
</authentication>
登录时我会做:
FormsAuthentication.SetAuthCookie(
userId.ToString(), false);
FormsAuthenticationTicket ticket1 =
new FormsAuthenticationTicket(
1,
userId.ToString(),
DateTime.Now,
DateTime.Now.AddMinutes(20),
false,
sessionid // sessionid
);
HttpCookie cookie1 = new HttpCookie(
FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(ticket1));
HttpContext.Current.Response.Cookies.Add(cookie1);
string returnUrl = HttpContext.Current.Request["redirect"] == null ? "app1.example.com" : HttpContext.Current.Request["redirect"];
HttpContext.Current.Response.Redirect(returnUrl);
在每个应用程序上,我必须读出我的自定义&#34; sessionid&#34;来自AuthCookie。在App2上,我得到了正确的ID,并且在包含登录页面的App1上,我不会(它是空的)。
有没有人知道它是怎么来的?
这是我读取用户数据的代码:
HttpCookie authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);
所有应用都在Asp.Net 4.5.2上运行
提前致谢!