System.Web.HttpContext.Current.User.Identity.IsAuthenticated fails sometimes
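I keep having a problem on my production site (not on my development site). Sometimes both Firefox and Chrome fail to log users in (all users, both on our client's network and on general networks). Strangely, though, Internet Explorer always works and has never failed once (I have deleted the cache and cookies in the browsers, and the same thing still happens).
Then, after an hour or some X amount of time, Firefox and Chrome start behaving normally again.
I have narrowed it down to the function below, which always returns false, even after logging in.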

    public bool isLoggedIn()
    {
        return System.Web.HttpContext.Current.User.Identity.IsAuthenticated;
    }

So the user logs in through the following function:

    public void Login_OnClick(object sender, EventArgs args)
    {
        string email = UserName.Text;
        string password = Password.Text;
        string errorMsg = string.Empty;
        bool cb = cb_agreeterms.Checked;
        if (tests)
        {
            // The code in here tests to see if email, password, etc. have been filled out.
            // This works 100% of the time and is NOT a problem.
        }
        else
        {
            // Validate user.
            if (Membership.ValidateUser(email, password))
            {
                // Get the logged in user
                MembershipUser user = Membership.GetUser(email);
                if (user.IsLockedOut)
                {
                    user.UnlockUser();
                }
                // Gets a datatable of the user details in our general database
                DataTable dtUserData = this.dbData.GetUserByEmail(user.UserName);
                if (dtUserData.Rows.Count > 0)
                {
                    FormsAuthentication.SetAuthCookie(user.UserName, true);
                    // The details for the userId, screenName, etc. below get set by looking at the row 0 in datatable
                    // The LoginSession function initializes a session with a guid and saves all the data into an Application Context. This creates a SessionGuid cookie which I see get created on FF and Chrome (and always on IE).
                    LoginSession(userId, screenName, permissionLevel, user.UserName);
                    Response.Redirect("../myinternalsite.aspx");
                }
            }
            else if (UserExistsInMembership(email))
            {
                // Tested this out and entering bad credentials fails the login and error is shown correctly on screen in the login control.
                // We have failed to login.
                ShowLoginError("E-mail or password is incorrect.");
            }
        }
    }

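So when the user authenticates, the redirect goes to ../myinternalsite.aspx. On that page, in Page Load, a VerifyLogin function is called, which calls:

    public bool isLoggedIn()

The above always returns false in Chrome and FF, which prompts a redirect to the home page. After a few hours, it fixes itself. IE works 100% of the time.
The web.config is like this: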

    <!-- authenticationConnection works and links correctly to the auth database just fine. -->
    <sessionState timeout="120"/>
    <membership defaultProvider="SqlProvider">
      <providers>
        <add connectionStringName="authenticationConnection"
             applicationName="Auth"
             minRequiredPasswordLength="6"
             minRequiredNonalphanumericCharacters="0"
             name="SqlProvider"
             type="System.Web.Security.SqlMembershipProvider"
             requiresQuestionAndAnswer="false"
             passwordFormat="Hashed"
             enablePasswordReset="true"
             maxInvalidPasswordAttempts="1000"
             passwordAttemptWindow="1" />
      </providers>
    </membership>
    <roleManager enabled="true" defaultProvider="SqlRoleManager">
      <providers>
        <add name="SqlRoleManager" type="System.Web.Security.SqlRoleProvider" connectionStringName="authenticationConnection" applicationName="MyApp"/>
      </providers>
    </roleManager>
    <identity impersonate="true"/>

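The cookies are set in Chrome and Firefox. I deleted them and saw them get reset correctly. But what is this problem? Why does IsAuthenticated fail only for some browsers and work for others, and then fix itself?
My login template, with all the different steps, is also something like this: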

    <asp:UpdatePanel ID="updateTheLogin" runat="server">
      <ContentTemplate>
        <asp:TextBox ID="UserName" runat="server" CssClass="loginTextbox"></asp:TextBox>
        <asp:TextBox id="Password" runat="server" textMode="Password" CssClass="loginTextbox"></asp:TextBox>
        <input type="button" class="btn-small pull-right disabled" id="LoginButton" value="Log In" onserverclick="Login_Click" runat="server" />
      </ContentTemplate>
    </asp:UpdatePanel>

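If you use a MembershipProvider, you do not need to create the Forms Authentication cookie yourself.
I answered one of your questions, but after reading this post, please disregard that answer, since you are using the Membership Provider, which automatically creates the IPrincipal object for you.
All you have to do is use the ASP.NET Login control.

    <asp:Login ID="Login" runat="server"></asp:Login>

Note: applicationName should be the same for both membership and roleManager. They are different in your web.config.
How to view the authenticated user's information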

    protected void Page_Load(object sender, EventArgs e)
    {
        if (User.Identity.IsAuthenticated)
        {
            var sb = new StringBuilder();
            var id = (FormsIdentity) User.Identity;
            var ticket = id.Ticket;
            sb.Append("Authenticated");
            sb.Append("<br/>CookiePath: " + ticket.CookiePath);
            sb.Append("<br/>Expiration: " + ticket.Expiration);
            sb.Append("<br/>Expired: " + ticket.Expired);
            sb.Append("<br/>IsPersistent: " + ticket.IsPersistent);
            sb.Append("<br/>IssueDate: " + ticket.IssueDate);
            sb.Append("<br/>Name: " + ticket.Name);
            sb.Append("<br/>UserData: " + ticket.UserData);
            sb.Append("<br/>Version: " + ticket.Version);
            Label1.Text = sb.ToString();
        }
        else
            Label1.Text = "Not Authenticated";
    }
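
The applicationName note in the answer above can be checked mechanically. The following Python script is an added example, not code from the question or the answer: it reads a web.config and reports membership and roleManager providers whose applicationName values differ. The sample input is constructed from the provider entries shown in the question, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample: provider entries as shown in the question, trimmed to the
# relevant attributes and wrapped in <configuration>/<system.web>.
SAMPLE_WEB_CONFIG = """
<configuration>
  <system.web>
    <membership defaultProvider="SqlProvider">
      <providers>
        <add name="SqlProvider" type="System.Web.Security.SqlMembershipProvider"
             connectionStringName="authenticationConnection" applicationName="Auth" />
      </providers>
    </membership>
    <roleManager enabled="true" defaultProvider="SqlRoleManager">
      <providers>
        <add name="SqlRoleManager" type="System.Web.Security.SqlRoleProvider"
             connectionStringName="authenticationConnection" applicationName="MyApp" />
      </providers>
    </roleManager>
  </system.web>
</configuration>
"""

PROVIDER_SECTIONS = ("membership", "roleManager")  # sections compared by this check


def providers_by_application_name(web_config_xml):
    """Map each applicationName value to the providers that declare it."""
    root = ET.fromstring(web_config_xml)
    groups = defaultdict(list)
    for section in PROVIDER_SECTIONS:
        for add in root.findall(f".//{section}/providers/add"):
            # An omitted attribute is grouped under None so it is still reported.
            groups[add.get("applicationName")].append(f"{section}/{add.get('name')}")
    return dict(groups)


def application_name_mismatches(web_config_xml):
    """Return the groups when providers disagree, or {} when they all match."""
    groups = providers_by_application_name(web_config_xml)
    return groups if len(groups) > 1 else {}


if __name__ == "__main__":
    for app_name, providers in application_name_mismatches(SAMPLE_WEB_CONFIG).items():
        print(f"applicationName={app_name!r}: {', '.join(providers)}")
```
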