子域页面上的 Page.User.Identity.Name 为空白
我有多个子域尝试使用单个子域进行身份验证,使用表单身份验证,所有子域都在 Windows Server 2008 r2 上运行。
所有表单身份验证页面都设置为使用相同的名称,并且在身份验证页面上,cookie 添加了以下代码片段:
FormsAuthentication.SetAuthCookie(txtUserName.Text, false);
System.Web.HttpCookie MyCookie = System.Web.Security.FormsAuthentication.GetAuthCookie(User.Identity.Name.ToString(), false);
MyCookie.Domain = ConfigurationManager.AppSettings["domainName"];
Response.AppendCookie(MyCookie);
当我登录到signon.mysite.com 时,page.user.identity.isauthenticated 和 page. user.identity.name 属性都工作正常。当我导航到 subdomain.mysite.com 时,page.user.identity.isauthenticated 返回 true,但名称为空。
我尝试使用以下命令从 cookie 中检索它,但它也是空白的。
HttpCookie cookie = Request.Cookies[".ASPXAUTH"];
FormsAuthenticationTicket fat = FormsAuthentication.Decrypt(cookie.Value);
user2_lbl.Text = fat.Name;
在谷歌搜索这个问题时,我发现有些人说必须将某些内容添加到 global.asax 中,而其他人则说没有必要。
目标是能够登录身份验证子域并具有可从根站点和其他子域访问的用户身份。机器密钥在所有 web.config 中匹配,并且 AppSettings["domainName"] 目前设置为“mysite.com”。
有谁知道是什么阻止我访问用户信息?
I have multiple subdomains trying to use a single subdomain for authentiction using forms authentication all running on windows server 2008 r2.
All of the forms authentication pages are setup to use the same name, and on the authentication page the cookie is added with the following snippet:
FormsAuthentication.SetAuthCookie(txtUserName.Text, false);
System.Web.HttpCookie MyCookie = System.Web.Security.FormsAuthentication.GetAuthCookie(User.Identity.Name.ToString(), false);
MyCookie.Domain = ConfigurationManager.AppSettings["domainName"];
Response.AppendCookie(MyCookie);
When I am logged in to signon.mysite.com the page.user.identity.isauthenticated and page.user.identity.name properties both work fine. When I navigate to subdomain.mysite.com the page.user.identity.isauthenticated returns true, bue the name is empty.
I tried to retrieve it from the cookie using the following, but it also was blank.
HttpCookie cookie = Request.Cookies[".ASPXAUTH"];
FormsAuthenticationTicket fat = FormsAuthentication.Decrypt(cookie.Value);
user2_lbl.Text = fat.Name;
When googling the issue I found some people saying something must be added to global.asax and other saying it wasn't necessary.
The goal is to be able to login on the authentication subdomain and have the user identity accessible from the root site and other subdomains. Machine keys match in all web.config, and the AppSettings["domainName"] is set to "mysite.com" currently.
Does anyone know what is preventing me from accessing the user information?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
将“mysite.com”更改为“.mysite.com”(注意前导“.”)。
这将告诉浏览器该 cookie 对子域也有效。
Change "mysite.com" to be ".mysite.com" (note the leading ".").
That'll tell the browser that the cookie is valid for subdomains as well.