身份验证不会持续用户会话
我的网站不断迫使我在请求之间返回登录页面(身份验证问题)。
我的本地网站运行良好,并且代码完全相同。不存在身份验证问题...
我一直在网上搜索并在这个问题上一整天都在抓狂,尝试按照建议的不同方法等。
有人可以向我解释一下发生了什么以及如何纠正它?
[HttpPost]
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (Membership.ValidateUser(model.UserName, model.Password))
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
Session["Email"] = model.Email;
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
&& !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
else
{
ModelState.AddModelError("", YeagerTechResources.Resources.AcctUserNamePswdInCorrect);
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
下面是我登录生产站点后立即可用的 cookie 的图像。请注意,没有列出 cookie。
Cookie 信息 - http://yeagertech.com/
现在,如果您查看相同的信息,并为我的设备执行相同的代码开发站点,您会看到以下内容。这让我发疯,并为此浪费了一整天的时间。我很感激任何人的帮助!
Cookie 信息 - http://localhost:4514/
名称
代理
值
http://localhost:62613/proxy/0/
本地主机
域
路径
/
过期
2/12/2012 8:21:16 PM
请注意,在多次请求后,它会返回到登录页面 --- 仅在生产站点上,而不是在我的本地站点上。
看起来生产站点上的 cookie 在需要返回登录页面之前没有足够长的保质期。
我基本上希望 cookie 至少在用户会话期间持续存在。
我可以做什么来解决这个问题?
再次感谢....
我需要在与该网站关联的 IIS 中配置设置,但出现以下错误:
“无法使用 SQL Server,因为 SQL Server 上未安装 ASP.NET 版本 2.0 会话状态。请安装 ASP.NET 会话状态 SQL Server 2.0 或更高版本”
收到此错误后,我发现需要在 SQL Server 上启用会话状态,因此,我尝试运行 InstallSqlState.SQL 文件(位于 Microsoft.Net 版本文件夹中)在我的本地电脑)。
尝试运行脚本后,它失败(出现以下错误),因为我的托管数据库服务器上的 SystemDatabases 文件夹中没有“msdb”数据库。
“数据库“master”中的 CREATE DATABASE 权限被拒绝。如果作业不存在,则预计会出现来自 msdb.dbo.sp_delete_job 的错误。消息 229,级别 14,状态 5,过程 sp_delete_job,第 1 行 EXECUTE 权限被拒绝对象“sp_delete_job”,数据库“msdb”,架构“dbo”,级别 16,状态 1,第 10 行数据库“ASPState”不存在,请确保输入的名称正确。”
因此,除非我的托管数据库上有 msdb 数据库(我只有 master 和 tempdb),否则我不可能在 sql server 上设置会话状态。
我想知道如何从这里开始。
顺便说一句,我发现即使启用它也不太可能解决问题。我的情况不符合您最初概述的 3 个要点中的任何一个。
这是一个小数据库,里面几乎没有任何记录。我只是在我的网站上对其进行测试,以确保它工作正常,然后再开始向其添加记录。也没有时间流逝。
我正常浏览了几页,然后突然回到登录页面...
如果我的本地计算机工作正常,那么它肯定与我需要设置的内容有关,因为我正在运行您的服务器。
我将不胜感激任何帮助......
My website is constantly forcing me back to the logon page (authentication issue) in between requests.
My local website works just fine and is the same exact code. There is no authentication issue...
I've been scouring over the web and tearing my hair out all day on this issue trying different things as suggested, etc.
Can someone please explain to me what is going on and how I can rectify it?
[HttpPost]
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (Membership.ValidateUser(model.UserName, model.Password))
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
Session["Email"] = model.Email;
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
&& !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
else
{
ModelState.AddModelError("", YeagerTechResources.Resources.AcctUserNamePswdInCorrect);
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
Below, is the following image of the cookies available immediately after I log onto the production site. Note that no cookies are listed.
Cookie Information - http://yeagertech.com/
Now, if you look at the same info executing the same code for my development site, you see the following. This is driving me nuts and have wasted a whole day on this. I'd apprecaite anyone with some help!
Cookie Information - http://localhost:4514/
NAME
proxy
VALUE
http://localhost:62613/proxy/0/
DOMAIN
localhost
PATH
/
EXPIRES
2/12/2012 8:21:16 PM
Note that after several reqeusts, it goes back to the logon page --- only on the production site and not on my local site.
It seems like the cookie on the production site doesn't have a long enough shelf life before it needs to go back to the log on page.
I basically want the cookie to persist at least for the user session.
What can I do to solve this issue?
Thanks again....
I needed to configure the settings in IIS associated with this website which I did and got the following error:
"Unable to use SQL Server because ASP.NET version 2.0 Session State is not installed on the SQL server. Please install ASP.NET Session State SQL Server version 2.0 or above"
Upon receiving this error, I found that Session State needs to be enabled on SQL Server, so, I tried running the InstallSqlState.SQL file (located in the Microsoft.Net version folder on my local PC).
After trying to run the script, it fails (with the below error), because there is no "msdb" database on my hosted database server within the SystemDatabases folder.
"CREATE DATABASE permission denied in database 'master'. If the job does not exist, an error from msdb.dbo.sp_delete_job is expected. Msg 229, Level 14, State 5, Procedure sp_delete_job, Line 1 The EXECUTE permission was denied on the object 'sp_delete_job', database 'msdb', schema 'dbo'. Msg 911, Level 16, State 1, Line 10 Database 'ASPState' does not exist. Make sure that the name is entered correctly."
So, unless there is an msdb database on my hosted database (all I have is master and tempdb), it is impossible for me to set up session state on my sql server.
I would like to know how to proceed from here.
btw, I find it very unlikely that even if it was enabled, that this would solve the issue. My situation does not fit into any of the 3 bullet points you initially outlined.
It's a small db with hardly any records in it. I'm simply testing it out with my website to ensure it's working OK before I start to add records to it. There is no time lapse either.
I go to a couple of pages fine, and then all of a sudden, back to the logon page...
If my local machine is working fine, it defintley has to do with something that I need to set because I'm running off of your servers.
I would appreciate any help....
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我也面临这种类型的问题,但在 MVC 中没有......问题是 FormsAuthentication Ticket 在托管服务器上的 1 分钟内过期......
问题可能是你的工作进程不断回收,这将导致票据过期或会话自动结束...您可以做的是与您的托管提供商联系并提高应用程序池的私有内存限制或虚拟内存限制
或者您可以向他们询问用于加密和解密票证的机器密钥元素,这可能会解决这个问题
我也经常与我的托管提供商联系,但他们的产品开发团队花了太多时间来解决这个问题
I am also facing this type of issue but not in MVC....issue was that FormsAuthentication Ticket expires within 1 minute on hosting server.......
the problem might be that your worker process recycling constantly that will result in ticket expiration or session ending automatically....what you can do is talk to your hosting provider and up your Private Memory Limit or Virtual Memory Limit of your application pool
or you can ask them for machine key elements which is used to encrypt and decrypt the ticket may be that will solve this issue
I am also in constantly touch with my hosting provider but their product development team taking too much time to resolve the issue