ASP.NET 表单身份验证在本地主机服务器上进行身份验证,但不在 Web 服务器上进行身份验证
我一直在使用 C# (v3.5) 在 ASP.NET 中实现表单身份验证。
我创建了一个简单的登录表单,当用户的电子邮件和密码存储在我的 SQL 数据库中。
当我登录本地主机时,一切工作正常,但是当我发布项目并将其上传到我的生产 Web 服务器时,事情对我来说有点奇怪。
即使登录成功,HttpContentxt.Current.User.Identity.IsAuthenticated 变量也会返回 false(同样,在 localhost 中一切正常)。
这是以下登录按钮点击代码(我正在使用自己的DataAccess,忽略它不相关的代码):
protected void btnLogin_Click(object sender, EventArgs e)
{
Page.Validate("Login");
if (Page.IsValid)
{
string email = txtEmail.Text;
string passwd = FormsAuthentication.HashPasswordForStoringInConfigFile(txtPassword.Text, "MD5");
WebFactory.DataAccess.Users.Data userData = new WebFactory.DataAccess.Users.Data(ConnectionString);
userData.Load(new WebFactory.DataAccess.Users.Item[] {
new WebFactory.DataAccess.Users.Item(WebFactory.DataAccess.Users.Columns.Email, email),
new WebFactory.DataAccess.Users.Item(WebFactory.DataAccess.Users.Columns.Password, passwd)
});
if (userData.HasData) // Login Success
{
if (!cbRememberMe.Checked)
{
FormsAuthentication.SetAuthCookie(userData.Id.ToString(), false);
}
else
{
FormsAuthentication.Initialize();
DateTime expires = DateTime.Now.AddDays(20);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
userData.Id.ToString(),
DateTime.Now,
expires,
true,
String.Empty,
FormsAuthentication.FormsCookiePath);
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
authCookie.Expires = expires;
Response.Cookies.Add(authCookie);
}
lblStatus.Text = "";
if (Common.QS.HasRefUrl)
{
Response.Redirect(Common.QS.RefUrl);
}
else
{
Common.UserTools.RedirectLoggedInUser(userData.Id);
}
}
else // Login failed
{
lblStatus.Text = "Email or password is wrong. please try again."
}
}
}
感谢所有帮助者,并对英语错误表示歉意。
I've been implementing the Forms Authentication in ASP.NET with C# (v3.5).
I created a simple login form, when the users' email & passwords are stored in my SQL db.
When I login in my localhost, everything works just fine, but when I published the project and uploaded it on to my production web server, things got a little bit wierd for me.
The HttpContentxt.Current.User.Identity.IsAuthenticated variable return false, even if the login was successfull (and again, in localhost everything works fine).
This is the following login button click code (I'm using my own DataAccess, ignore it's irrelevant code):
protected void btnLogin_Click(object sender, EventArgs e)
{
Page.Validate("Login");
if (Page.IsValid)
{
string email = txtEmail.Text;
string passwd = FormsAuthentication.HashPasswordForStoringInConfigFile(txtPassword.Text, "MD5");
WebFactory.DataAccess.Users.Data userData = new WebFactory.DataAccess.Users.Data(ConnectionString);
userData.Load(new WebFactory.DataAccess.Users.Item[] {
new WebFactory.DataAccess.Users.Item(WebFactory.DataAccess.Users.Columns.Email, email),
new WebFactory.DataAccess.Users.Item(WebFactory.DataAccess.Users.Columns.Password, passwd)
});
if (userData.HasData) // Login Success
{
if (!cbRememberMe.Checked)
{
FormsAuthentication.SetAuthCookie(userData.Id.ToString(), false);
}
else
{
FormsAuthentication.Initialize();
DateTime expires = DateTime.Now.AddDays(20);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
userData.Id.ToString(),
DateTime.Now,
expires,
true,
String.Empty,
FormsAuthentication.FormsCookiePath);
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
authCookie.Expires = expires;
Response.Cookies.Add(authCookie);
}
lblStatus.Text = "";
if (Common.QS.HasRefUrl)
{
Response.Redirect(Common.QS.RefUrl);
}
else
{
Common.UserTools.RedirectLoggedInUser(userData.Id);
}
}
else // Login failed
{
lblStatus.Text = "Email or password is wrong. please try again."
}
}
}
Thanks for all helpers, and sorry for the english mistakes.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
谢谢大家,我解决了问题。
我只需要在
name属性,现在一切正常。再次感谢!
Thanks all, I solved the problem.
I just needed to enter a
nameattribute in the<forms>clause and everything works perfectly now.Thanks again!
尝试检查 web.config 中的表单身份验证配置。特别是域和路径变量。该域应与您网站的域匹配,路径应与应用程序文件夹名称匹配。您可能不会拥有其中之一,因此只需将其设置为“/”。
您还可以设置跟踪以确保应用程序确实正在读取 cookie。
Try checking the Forms Authentication Configuration in your web.config. Specifically the domain and path variables. The domain should match the domain of your website and the path should match the application folder name. You probably won't have one of these, so just set it to "/"
You can also set up tracing to make sure that the cookie is actually being read by the application.