Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
724 views
in Technique[技术] by (71.8m points)

asp.net forms authentication logged out when logged into another instance

I am doing some development on my local machine using VS 2010 and running my dev code in Cassini, I also have taken a copy of the same code and deployed it to c:mp and setup a web application in IIS7 to point to this directory.

Both applications are pointing to different databases. I access the IIS one by http://localhost/mp

When I log into either one of these it results in my being logged out from the other if I am already logged in.

I have a feeling this is something to do with the forms authentication we are using and possibly overwriting the cookie but I have not found anything useful yet.

The forms authentication setup look as follows

<authentication mode="Forms">
    <forms name="MP" loginUrl="~/login.aspx" protection="All" timeout="20" path="/" slidingExpiration="true" cookieless="UseCookies" defaultUrl="~/Modules/Enquirer/Default.aspx" />
</authentication>

We are also using roles and the membership providers

 <roleManager enabled="true" cacheRolesInCookie="true" defaultProvider="AspNetSqlRoleProvider">
            <providers>
                <clear />
                <add name="AspNetSqlRoleProvider" connectionStringName="mpconnectionstring" applicationName="mp" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
            </providers>
        </roleManager>
        <membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="20" hashAlgorithmType="SHA1">

We are also using inProc session state for both although I'm not sure if that would be an issue.

Can anyone suggest why this is happening and how to get around it?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

The issue is with the cookie, because the cookie keep the logged confirmation.

Changing the name of your cookie on web.config is probably solve your issue. So setup the name and the domain according to the two diferent logins, using 2 different cookie suffix names.

<authentication mode="Forms">
 <forms ... name=".CookieSuffix" domain="yoururl.com" ... />
</authentication> 

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...