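I'm having a hard time implementing a "remember me" feature in an MVC application with a custom principal. I've boiled it down to ASP.NET not retrieving the authentication cookie for me. I have added a snapshot from Google Chrome.
1. Shows the result of Request.Cookies, set in the controller action and placed in ViewData for the view to read. Note that it is missing the .ASPXAUTH cookie.
2. Shows the result from the Chrome developer tools. You can see that .ASPXAUTH is included here.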
Screenshot: http://i50.tinypic.com/ibctjd.png
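What could be the problem here? Why isn't ASP.NET reading this value from the cookie collection?
My application uses a custom IPrincipal. BusinessPrincipalBase is a CSLA object that implements IPrincipal. Here is the code: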
```csharp
using System;
using System.Security.Principal;
using Csla;
using Csla.Security;

[Serializable()]
public class MoralePrincipal : BusinessPrincipalBase
{
    private User _user;

    public User User
    {
        get { return _user; }
    }

    private MoralePrincipal(IIdentity identity)
        : base(identity)
    {
        if (identity is User)
        {
            _user = (User)identity;
        }
    }

    // Two principals are equal when both wrap the same User identity.
    public override bool Equals(object obj)
    {
        MoralePrincipal principal = obj as MoralePrincipal;
        if (principal != null)
        {
            if (principal.Identity is User && this.Identity is User)
            {
                return ((User)principal.Identity).Equals(((User)this.Identity));
            }
        }
        return base.Equals(obj);
    }

    public override int GetHashCode()
    {
        return base.GetHashCode();
    }

    // Fetches the user, falls back to the unauthenticated identity on failure,
    // and installs the resulting principal as the current CSLA user.
    public static bool Login(string username, string password)
    {
        User identity = User.Fetch(username, password);
        if (identity == null || !identity.IsAuthenticated)
        {
            identity = (User)User.UnauthenicatedIdentity;
        }
        MoralePrincipal principal = new MoralePrincipal(identity);
        Csla.ApplicationContext.User = principal;
        Context.Current.User = identity;
        return identity != null && identity.IsAuthenticated;
    }

    public static void logout()
    {
        IIdentity identity = User.UnauthenicatedIdentity;
        MoralePrincipal principal = new MoralePrincipal(identity);
        ApplicationContext.User = principal;
        Context.Current.User = identity as User;
    }

    // The role is looked up per project for the current user.
    public override bool IsInRole(string role)
    {
        if (Context.Current.User == null || Context.Current.Project == null)
        {
            return false;
        }
        string userRole = Context.Current.User.GetRole(Context.Current.Project.Id);
        return string.Compare(role, userRole, true) == 0;
    }
}
```

```csharp
using System;
using System.Web;
using System.Web.Security;
using Csla;

public class MoraleMembershipProvider : MembershipProvider
{
    // Logs in through the custom principal and keeps it in the session.
    public override bool ValidateUser(string username, string password)
    {
        bool result = MoralePrincipal.Login(username, password);
        HttpContext.Current.Session["CslaPrincipal"] = ApplicationContext.User;
        return result;
    }

    #region Non-Implemented Properties/Methods
    public override string ApplicationName
    {
        get { return "Morale"; }
        set { throw new NotImplementedException(); }
    }
    // Everything else just throws a NotImplementedException
    #endregion
}
```

I don't think any of this is relevant, because the bottom line is that Request.Cookies does not return the authentication cookie. Is it related to the size of the cookie? I have heard there are size issues with cookies.
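Update: The problem seems to revolve around subdomains. This site is hosted with a subdomain, and the cookie domain was left blank. Does anyone have any pointers on how to get the auth cookie to work with all domains (e.g. http://example.com, http://www.example.com and http://sub.example.com)?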
Solution
Have you also checked this?
ASPXAUTH cookie is not being saved
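I'm not sure whether this would cause the cookie to appear in Chrome without actually being passed to the browser, or whether it would prevent the cookie from being saved, but it's worth a look.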
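
The subdomain behaviour described in the question's update, modelled as an added example (not code from the original posts): a simplified version of the RFC 6265 rules a browser uses to decide which hosts receive a cookie. It assumes the cookie was issued by www.example.com, skips path, Secure and public-suffix checks, and all function names are hypothetical.

```javascript
// Added example: simplified RFC 6265 cookie scoping.
// Host names come from the question; the stored cookies are constructed sample data.

// RFC 6265 section 5.1.3: a host matches a domain if it is identical,
// or if it ends with "." + domain (so "badexample.com" does not match).
function domainMatch(host, domain) {
  host = host.toLowerCase();
  domain = domain.toLowerCase();
  return host === domain || host.endsWith("." + domain);
}

// Model what the browser stores when `setByHost` sends Set-Cookie
// with the given Domain attribute (empty string = attribute absent).
function storeCookie(name, setByHost, domainAttr) {
  const attr = (domainAttr || "").replace(/^\./, "").toLowerCase(); // leading dot is ignored
  if (attr === "") {
    // No Domain attribute: host-only cookie, bound to the exact issuing host.
    return { name, domain: setByHost.toLowerCase(), hostOnly: true };
  }
  if (!domainMatch(setByHost, attr)) {
    return null; // a host cannot set a cookie for a domain it is not part of
  }
  return { name, domain: attr, hostOnly: false };
}

// Would the browser attach this cookie to a request for `requestHost`?
function isSentTo(cookie, requestHost) {
  const host = requestHost.toLowerCase();
  return cookie.hostOnly ? host === cookie.domain : domainMatch(host, cookie.domain);
}

// Map each host to whether it would receive the cookie.
function report(cookie, hosts) {
  const out = {};
  for (const h of hosts) out[h] = isSentTo(cookie, h);
  return out;
}

const hosts = ["example.com", "www.example.com", "sub.example.com"];
const hostOnly = storeCookie(".ASPXAUTH", "www.example.com", "");
const shared = storeCookie(".ASPXAUTH", "www.example.com", ".example.com");

console.log("cookie domain left blank:", report(hostOnly, hosts));
console.log("cookie domain example.com:", report(shared, hosts));
```

In ASP.NET forms authentication the cookie domain is the `domain` attribute of the `<forms>` element in web.config. Setting it to the parent domain means every subdomain receives the authentication cookie, so that scope only fits deployments where all subdomains are equally trusted.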