如何手动删除子域为asp.net身份验证设置的cookie?
Cookie已设置在setter.test.com
;
<authentication mode="Forms">
<forms domain="test.com" loginUrl="Default.aspx" protection="All" path="/" requireSSL="false" timeout="45" name=".ASPXAUTH" slidingExpiration="true" defaultUrl="Default.aspx" cookieless="UseDeviceProfile" enableCrossAppRedirects="false"/>
</authentication>
在getter.test.com
的应用程序中,这是我的注销代码(删除该cookie):
public ActionResult LogOut()
{
//Manually remove the cookie created by 3rd party authentication
if (Request.Cookies[".ASPXAUTH"] != null)
{
HttpCookie myCookie = new HttpCookie(".ASPXAUTH");
myCookie.Expires = DateTime.Now.AddDays(-1d);
Response.Cookies.Add(myCookie);
}
}
这不起作用。
答案 0 :(得分:4)
一个小小的变化,你应该开始。
public ActionResult LogOut()
{
//Manually remove the cookie created by 3rd party authentication
if (Request.Cookies[".ASPXAUTH"] != null)
{
HttpCookie myCookie = new HttpCookie(".ASPXAUTH");
myCookie.Expires = DateTime.Now.AddDays(-1d);
myCookie.Domain = "test.com";
Response.Cookies.Add(myCookie);
}
}
您必须确保两者的域名设置相同。
答案 1 :(得分:3)
由于您只能使用该名称生成一个cookie,无论域名如何,我认为建议的方法是:
FormsAuthentication.SignOut();