the

the

关注
发信
关注(28)粉丝(399)

在一个网站的多个应用程序 - 会话和窗体身份验证范围

本文介绍了在一个网站的多个应用程序 - 会话和窗体身份验证范围的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我们正在使用ASP.NET和IIS 6.0。我认识到的应用程序,网站和虚拟目录的定义在IIS 6界限不清,并在IIS 7改变了很多不过,我坚持了IIS 6.0现在。

We're using ASP.NET and IIS 6.0. I realise that the definitions of applications, websites and virtual directories are ill-defined in IIS 6, and changed a lot in IIS 7. However, I'm stuck with IIS 6.0 for now.

我们在IIS中定义一个网站,以及一些在虚拟目录单独的子网站。

We have a single web site defined in IIS, and a number of separate sub-sites in Virtual Directories.

该计划是这样的: -

The scheme looks like this:-

http://site.example.com/site1
http://site.example.com/site2
.. etc ..

站点1,站点2,......在IIS 6.0中的虚拟目录,默认Web站点下。

site1, site2, ... are virtual directories in IIS 6.0, under the "Default Web Site".

我需要这些网站大多使用ASP.NET会话和窗体身份验证,我不想让他们在所有共享认证数据或会话信息。

I need to use ASP.NET sessions and forms authentication in most of these sites, and I don't want them to share authentication data or session information at all.

无论是目前的机制依赖于饼干。然而,默认创建的饼干使用相同的名称,并在浏览器有/的路径,这意味着该网站的Cookie会互相冲突。

Both the mechanisms currently depend on cookies. However, the cookies created by default use the same name, and have a path of "/" in the browser, meaning the sites' cookies will clash with each other.

无每个cookie更改默认的名字,我怎么能执行我的子站之间的分离?我是否需要更改IIS 6应用程序的虚拟目录?或者有没有在code某种方式来强制执行饼干更有限的范围内?

Without changing the default name for each cookie, how can I enforce separation between my sub-sites? Do I need to change the virtual directories for IIS 6 "Applications"? Or is there some way in code to enforce a more limited scope for the cookies?

先谢谢了。

推荐答案

有关窗体身份验证,可以定义在 FormsCookiePath 属性来反映每个子网站的虚拟目录。

For Forms Authentication, you can define the FormsCookiePath property to reflect the virtual directory of each sub site.

http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.formscookiepath.aspx

有关会话状态,我还没有看到任何可以定义一个路径,但你可以从标准的 cookieName =ASP.NET_SessionId价值远定义不同的cookie名称。这样,每个子网站寻找出不同的会话cookie。

For Session State, I haven't seen anything that can define a path, but you can define different cookie names away from the standard cookieName="ASP.NET_SessionId" value. That way each sub site is looking out for different session cookies.

http://msdn.microsoft.com/en-us/library/h6bb9cz9(v=VS.100).aspx

这篇关于在一个网站的多个应用程序 - 会话和窗体身份验证范围的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

11-03 11:21
Powered by LMLPHP ©2024 the 0.004494