为什么 ASP.net 表单身份验证将我注销(当未直接连接到我的盒子时)?
我的工作服务器上有一个 ASP.net 2.0 应用程序。当我在盒子上浏览时(http://serverName 或 http://localhost) 该网站我可以使用表单身份验证登录并毫无问题地导航该网站。
当我从 Intranet 浏览该服务器时,我仍然可以登录,但每当我单击主页上的任何链接时,我都会被要求再次登录。我可以访问主页,因此身份验证正在运行,但之后我会立即重定向到登录页面。我在这两种情况下都使用相同的用户 ID。
这不是浏览器 cookie 未启用的情况,这种情况发生在使用 IE 和 Firefox 的多个不同工作站上。我的同一台计算机上运行着另一个 ASP.Net 应用程序,无论在本地还是在外部,它都可以正常运行。 (这是同一应用程序的旧版本,也使用表单身份验证。)
我使用的是 inproc 会话,而不是无 cookie 会话。本质上是直接开箱即用的会话设置。
据我所知,两个虚拟目录(旧应用程序和新应用程序)上的表单身份验证设置是相同的,并且我的计算机上没有运行防火墙。
我无法解释这一点,如果您有一些建议我可以研究,我将不胜感激。谢谢!
编辑:当我将 web.config 中的标签设置为“On”或“RemoteOnly”时,就会发生这种情况。我从 ieHttpHeaders 看到有一个对 WebResource.axd 的调用,然后下一个页面调用是我的自定义错误页面。当我将 customErrors 设置为关闭时,一切都会按预期进行。因此,该错误似乎以某种方式源自 WebResource.axd。
不幸的是,自定义错误页面的 Page_Load 方法发送到其中的信息非常少。事件参数为空,发送者为 ASP.error_aspx,但我在其中看不到太多信息。
如果其中任何一个引起了您的注意,并且您有任何调试的想法可以尝试,我很乐意倾听。再次感谢。
I've got an ASP.net 2.0 application on my server at work. When I'm on the box and browsing (either http://serverName or http://localhost) the site I can login with forms authentication and navigate the site with no trouble.
The instant I browse that server from my intranet I can still login, but anytime I click any links on the homepage I'm asked to login again. I can get to the home page, so authentication is working, but I'm immediately redirected to the login page after that. I'm using the same userid in both cases.
It's not a case of browser cookies not being enabled, this happens from several different workstations, using IE and Firefox. I have another ASP.Net app running on my same machine, and it works fine either locally or outside. (It's an older version of the same app, also using forms authentication.)
I'm using inproc sessions, not cookieless sessions either. Essentially the session setting that come straight out of the box.
The forms authentication setup on the two virtual directories (old and new app) is the same as best I can tell, and I don't have a firewall running on the machine.
I'm at a loss to explain this, and if you have some suggestions I can look into I'd be grateful. Thanks!
Edit: It appears this happens when I have the tag in my web.config set to "On" or "RemoteOnly". I see from ieHttpHeaders that there's a call to WebResource.axd, then the next page called is my custom error page. When I set customErrors to off, things work as expected. So it appears the error is originating from WebResource.axd in some way.
Unfortunately, the custom error page's Page_Load method has very little information sent into it. The event args are null and the sender is ASP.error_aspx, but I can't see much info in it.
If any of this rings a bell and if you have any ideas to try as far as debugging goes, I'm happy to listen. Thanks again.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我正在升级一个旧站点以使用动态数据,这两个站点都使用表单身份验证,并且我正在本地测试它们。
问题:
比较站点 A 和我的浏览器中的站点 B 我发现当我从使用站点 A 切换到使用站点 B 时,我必须重新登录到站点B,反之亦然。
解决方案:
在我对此的调查中,我发现了造成这种现象的原因。站点A& 相同的身份验证 cookie 名称,
站点 B 具有与站点 A
站点 B
我将名称更改为唯一,这解决了问题。
站点 A
站点 B
注意:http://localhost/SiteA & http://localhost/SiteB 托管在同一网站 (localhost) 上,因此身份验证 cookie 被覆盖。
I was upgrading an old site to use dynamic data both of these sites use forms authentication and I was testing them locally.
Problem:
When comparing Site A & Site B in my browser I found when I switched from using Site A to Use Site B I had to Re-Login to Site B and vice-versa.
Solution:
In my investigation to this I discovered what was causing this phenomena. Site A & Site B had the same authentication cookie name
Site A
Site B
I changed the names to be unique and that solved the issue.
Site A
Site B
Note: http://localhost/SiteA & http://localhost/SiteB are hosted on the same website (localhost) so the authentication cookie was being overidden.