【发布时间】:2015-06-25 00:01:52
【问题描述】:
我使用检查查询字符串哈希值的授权属性设置表单身份验证:
FormsAuthentication.SetAuthCookie(qs["name"], false);
在下一个请求中,我检查用户是否已登录:
filterContext.HttpContext.Request.IsAuthenticated
这返回 false(看起来很奇怪,所以我看看 cookie)
filterContext.HttpContext.Request.Cookies[".ASPXAUTH"]
返回:
{System.Web.HttpCookie}
Domain: null
Expires: {1/01/0001 12:00:00 a.m.}
HasKeys: false
HttpOnly: false
Name: ".ASPXAUTH"
Path: "/"
Secure: false
Shareable: false
Value: "9A3F32523C37286093E99907E8A71C405854EE409667A34AA8E06665D0912EEA5DAD69C605F45134A9BBA314BC8C4A5AEA46F9F623013A1FA2A98F3AEE834D69555C1849926C4A369B8E5E0A2E26CBB4ACBDBC8D0389BBD9A2C8F942ACFFBF20566BA2D7A1F80914D8B097866D06CC3059DB306C3E83C09800CCD4697D38AF5C"
Values: {9A3F32523C37286093E99907E8A71C405854EE409667A34AA8E06665D0912EEA5DAD69C605F45134A9BBA314BC8C4A5AEA46F9F623013A1FA2A98F3AEE834D69555C1849926C4A369B8E5E0A2E26CBB4ACBDBC8D0389BBD9A2C8F942ACFFBF20566BA2D7A1F80914D8B097866D06CC3059DB306C3E83C09800CCD4697D38AF5C}
那么cookie就在那里,让我们解密它看看它是否有效?
FormsAuthentication.Decrypt(filterContext.HttpContext.Request.Cookies[".ASPXAUTH"].Value)
{System.Web.Security.FormsAuthenticationTicket}
CookiePath: "/"
Expiration: {25/06/2015 12:09:17 p.m.}
Expired: false
IsPersistent: false
IssueDate: {25/06/2015 11:39:17 a.m.}
Name: "john"
UserData: ""
Version: 2
所以cookie都好了,为什么Request.IsAuthenticated返回false???
【问题讨论】:
标签: .net cookies model-view-controller forms-authentication