注册 登录
编程论坛 ASP.NET技术论坛

asp.net cookies 过期不会跳到登录页面,而是提示 过多的重定向... 谢谢!!

eleven_peng 发布于 2014-01-03 10:50, 742 次点击
下面是配置文件...急呀。。谢谢,准备要上线了。。。

<?xml version="1.0"?>
<configuration>
<appSettings>
<!-- 连接字符串是否加密 -->
<add key="ConStringEncrypt" value="false"/>
<!-- 数据库连接字符串,(如果采用加密方式,上面一项要设置为true;加密工具,可在官方下载,
          如果使用明文这样server=127.0.0.1;database=.....,上面则设置为false。 -->
<add key="ConnectionString" value="xxx;database=xxx;uid=sa;pwd=sa"/>
<!--虚拟目录名称(如果是站点,则为空) -->
<add key="VirtualPath" value=""/>
<!--登录页地址 -->
<add key="LoginPage" value="admin/Login.aspx"/>
<!--默认菜单是否是展开状态-->
<add key="MenuExpanded" value="false"/>
<!--实体对象内容缓村的时间(分钟)-->
<add key="ModelCache" value="30"/>
</appSettings>
<connectionStrings>
<add name="connString" connectionString="server=xxx;uid =sa;pwd =sa;database =xxx"/>
</connectionStrings>
<system.web>
    <sessionState mode='StateServer'
                  stateConnectionString='tcpip=127.0.0.1:42424'
                  sqlConnectionString="Data Source=xxx;Initial Catalog=ASPState;User ID=sa;Password=sa;"
                  allowCustomSqlDatabase="true"
                  sqlCommandTimeout="10"
                  cookieless='false'
                  timeout='120'/>
   
<httpRuntime executionTimeout="3600" maxRequestLength="1048576"/>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
</assemblies>
</compilation>
    <!--<customErrors mode="Off"/>-->
    <customErrors mode="RemoteOnly" defaultRedirect="~/ErrorPage/GenericErrorPage.htm">
      <error statusCode="403" redirect="~/ErrorPage/NoAccess.htm" />
      <error statusCode="404" redirect="~/ErrorPage/FileNotFound.htm" />
    </customErrors>
<identity impersonate="true"/>
<authentication mode="Forms">
<forms name="forums" loginUrl="/Admin/Login.aspx" protection="All" timeout="480"></forms>
</authentication>
<authorization>
<allow users="*"/>
</authorization>
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID">
<controls>
<add tagPrefix="CKEditor" assembly=" namespace="
</controls>
</pages>
        <httpModules>
            <add name="MyHttpModule" type="HL., HL., Version=3.5.0, Culture=neutral"/>
        </httpModules>
        <trace enabled="true" pageOutput="false"/>
</system.web>
<system.webServer>
<defaultDocument>
<files>
<clear/>
<add value="Default.aspx"/>
<add value="Default.htm"/>
<add value="Default.asp"/>
</files>
</defaultDocument>
<httpErrors errorMode="Detailed"/>
</system.webServer>
</configuration>
1 回复
#2
wangnannan2014-01-03 11:25
你这个forms验证 cookie时间不应该这样设置
登录页面 写入COOKIE 设置有效期 给你个我写的例子
程序代码:
        <authentication mode="Forms">
            <forms loginUrl="login.aspx" defaultUrl="~/Default.aspx" slidingExpiration="true" name="login_account">
            </forms>
        </authentication>
        <authorization>
            <deny users="?"/>
        </authorization>

 
程序代码:
        /// <summary>
        
/// 执行用户登录操作
        
/// </summary>
        
/// <param name="loginName">登录名</param>
        
/// <param name="userData">与登录名相关的用户信息</param>
        
/// <param name="expiration">登录Cookie的过期时间,单位:分钟。</param>
        public void SignIn(string loginName, User userData, int expiration)
        {
            //把需要保存的用户数据转成一个字符串。
            string data = null;
            if( userData != null )
            data = (new JavaScriptSerializer()).Serialize(userData);

            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(2, loginName, DateTime.Now, DateTime.Now.AddDays(1), true, data);
            //加密cookie
            string HashTicket = FormsAuthentication.Encrypt(ticket);
            //根据加密结果创建登录Cookie
            HttpCookie UserCookie = new HttpCookie(FormsAuthentication.FormsCookieName, HashTicket);
            UserCookie.HttpOnly = true;
            UserCookie.Secure = FormsAuthentication.RequireSSL;
            UserCookie.Domain = FormsAuthentication.CookieDomain;
            UserCookie.Path = FormsAuthentication.FormsCookiePath;
            if (expiration > 0)
                UserCookie.Expires = DateTime.Now.AddMinutes(expiration);
            HttpContext context = HttpContext.Current;
            if (context == null)
                throw new InvalidOperationException();
            // 写登录Cookie
            context.Response.Cookies.Remove(UserCookie.Name);
            context.Response.Cookies.Add(UserCookie);

            if (Context.Request["ReturnUrl"] != null)
            {
                Response.Redirect(Context.Request["ReturnUrl"]);
            }
            else
            {
                Response.Redirect(FormsAuthentication.DefaultUrl);
            }
        }


 
1