我有下面的代码
int intTimeout = (FormsAuthentication.Timeout.Hours * 60) +
FormsAuthentication.Timeout.Minutes;
var authTicket = new FormsAuthenticationTicket(1, Utility.userCookie, DateTime.Now,
DateTime.Now.AddMinutes(intTimeout), true, cookieValue);
string strEncryptedTicket = HttpUtility.UrlEncode(FormsAuthentication.Encrypt(authTicket));
var authCookie = new HttpCookie(Utility.userCookie, strEncryptedTicket);
authCookie.Expires = authTicket.Expiration;
//FormsAuthentication.RedirectFromLoginPage("", false);
authCookie.Secure = FormsAuthentication.RequireSSL;
//authCookie.Secure = true;
HttpContext.Current.Response.Cookies[Utility.userCookie].Expires = authTicket.Expiration;
HttpContext.Current.Response.Cookies[Utility.userCookie].Value = authCookie.Value;
在web.config下面
<authentication mode="Forms">
<forms timeout="2" slidingExpiration="true" requireSSL="true" />
</authentication>
我一直点击页面链接,但它仍然在2分钟内过期。
最佳答案
请注意web.config中基于自定义表单的身份验证的结构:
<forms
name="name"
loginUrl="URL"
defaultUrl="URL"
protection="[All|None|Encryption|Validation]"
timeout="[MM]"
path="path"
requireSSL="[true|false]"
slidingExpiration="[true|false]">
enableCrossAppRedirects="[true|false]"
cookieless="[UseUri|UseCookies|AutoDetect|UseDeviceProfile]"
domain="domain name"
ticketCompatibilityMode="[Framework20|Framework40]">
<credentials>...</credentials>
</forms>
如您所见,
timeout属性根据您将其设置为2的分钟(例如2分钟)来工作。通常,如果在web.config中启用
slidingExpiration。 您无需手动重新生成新的cookie 。对于您的情况,我建议您使用跟踪工具,例如 fiddler 。刷新页面时,可以从Fiddler检查cookie的过期时间是否已重置。我在Weird Timeouts With Custom ASPNETFormsAuthentication中找到了一个很好的例子,它可以为您做一些清除。
关于c# - 表单例份验证slideExpiration不起作用,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/49254434/