手动删除asp.net身份验证cookie

时间:2011-01-19 18:30:15

标签: asp.net

如何手动删除子域为asp.net身份验证设置的cookie?

Cookie已设置在setter.test.com; 

<authentication mode="Forms">
    <forms domain="test.com" loginUrl="Default.aspx" protection="All" path="/" requireSSL="false" timeout="45" name=".ASPXAUTH" slidingExpiration="true" defaultUrl="Default.aspx" cookieless="UseDeviceProfile" enableCrossAppRedirects="false"/>
</authentication>

getter.test.com的应用程序中,这是我的注销代码(删除该cookie):

public ActionResult LogOut()
{
        //Manually remove the cookie created by 3rd party authentication
            if (Request.Cookies[".ASPXAUTH"] != null)
            {
                HttpCookie myCookie = new HttpCookie(".ASPXAUTH");
                myCookie.Expires = DateTime.Now.AddDays(-1d);
                Response.Cookies.Add(myCookie);
            }
}

这不起作用。

2 个答案:

答案 0 :(得分:4)

一个小小的变化,你应该开始。

public ActionResult LogOut()
{
    //Manually remove the cookie created by 3rd party authentication
        if (Request.Cookies[".ASPXAUTH"] != null)
        {
            HttpCookie myCookie = new HttpCookie(".ASPXAUTH");
            myCookie.Expires = DateTime.Now.AddDays(-1d);
            myCookie.Domain = "test.com";
            Response.Cookies.Add(myCookie);
        }
}

您必须确保两者的域名设置相同。

答案 1 :(得分:3)

由于您只能使用该名称生成一个cookie,无论域名如何,我认为建议的方法是:

FormsAuthentication.SignOut();

请参阅http://support.microsoft.com/kb/910443

相关问题
最新问题