FormsAuthentication 在 .NET 3.5 中回发后不会保留 UserData 字段
我从头开始创建了一个 FormsAuthenticationTicket,但发现稍后检索它时,UserData 不会返回。这是使用的代码:
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
user.UserId,
DateTime.Now,
DateTime.MaxValue,
false,
user.UserType);
HttpCookie cookie = new HttpCookie(
FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(ticket));
Response.Cookies.Add(cookie);
但是,当在下一个 Request 上读回此内容时,我发现 UserData 字段现在为空:
string encryptedCookie = Request.Cookies[ FormsAuthentication.FormsCookieName ].Value;
FormsAuthenticationticket ticket = FormsAuthentication.Decrypt(encryptedCookie);
Assert.IsTrue( ticket.UserData.Length == 0 ); //TRUE!
有什么想法吗?
I've created a FormsAuthenticationTicket from scratch, but found that when retrieving it at a later time, the UserData isn't coming back. Here is the code used:
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
user.UserId,
DateTime.Now,
DateTime.MaxValue,
false,
user.UserType);
HttpCookie cookie = new HttpCookie(
FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(ticket));
Response.Cookies.Add(cookie);
However, when reading this back on the next Request, I found that the UserData field is now empty:
string encryptedCookie = Request.Cookies[ FormsAuthentication.FormsCookieName ].Value;
FormsAuthenticationticket ticket = FormsAuthentication.Decrypt(encryptedCookie);
Assert.IsTrue( ticket.UserData.Length == 0 ); //TRUE!
Any ideas?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我想我发现了问题。如果你自己起一个 cookie 的名字似乎就可以了!因此,从: 更改为
:
然后按照问题检索它:
它可能会用 .NET 做一些棘手的事情,因此将其放入新的中可以正常工作。
更新:
此外,票证需要刷新,否则票证将在用户使用网站时过期:
I think I found the problem. If you make up your own cookie name it seems to be fine! So change from:
to
And then retrieve it as per the question:
Its possible .NET does some tricky stuff with it, so by putting it in a new one works fine.
UPDATE:
Also, the ticket needs to be refreshed, as otherwise the ticket will expire while the user is using the website:
我也遇到过这个问题。
但我认为真正的原因是服务器设置了相同的 cookie 两次,第二次覆盖了包含 UserData 字段的第一个。
您可以通过Fiddler捕获cookie写入过程,下面是显示此问题的屏幕截图:
那么,这是怎么发生的?在我的情况下,我使用登录控件进行身份验证。在登录控件的身份验证事件中,我在手动检查用户名和密码后使用我的 UserData 设置 cookie。然后,我设置了 AuthenticateEventArgs.Authenticated=true ,此时,在调试窗口中,我看到一个新的 cookie 已排队到响应中,其名称也等于 FormsAuthentication.FormsCookieName !我的解决方案是重定向到默认页面,而不是设置 AuthenticateEventArgs.Authenticated=true。
因此,您可以调试代码以查看身份验证 cookie 是否在响应队列中排队两次。
I have also encountered this problem.
But I think the real reason is that the server set the same cookie twice and the second override the first which contains your UserData field.
You can capture the cookie writing process by Fiddler, and here is a screenshot that show this problem:
So, how this happened? In my situation, I use the Login control to authenticate. In the Login control's Authenticate event, I set the cookie with my UserData after check the username and password manaully. Then, I set the
AuthenticateEventArgs.Authenticated=true, at this time, in the debug window, I see a new cookie is queued to the response which name is also equal to FormsAuthentication.FormsCookieName ! My solution is redirect to the Default page instead of setting the AuthenticateEventArgs.Authenticated=true.So, you may debug your code to see if the authentication cookie is queued to the response twice.
这对我有用:
This works for me: