开发者

Help! Why do my IE users get randomly logged off?

开发者 https://www.devze.com 2023-01-07 01:39 出处:网络
ASP.NET MVC 2.0, here\'s my auth code: [AcceptVerbs(HttpVerbs.Post)] public ActionResult Login(string username, string password, string returnUrl) {

ASP.NET MVC 2.0, here's my auth code:

[AcceptVerbs(HttpVerbs.Post)]
public ActionResult Login(string username, string password, string returnUrl) {
    if (ModelState.IsValid) {
        // Attempt to login
        var loginSuccessful = provider.ValidateUser(username, password);

        if (loginSuccessful) {
            FormsAuthentication.SetAuthCookie(username, true);
            if (!String.IsNullOrEmpty(returnUrl))
                return Redirect(returnUrl);


            return RedirectToAction("Index", "Home");

        }
    }
    return View(Language + "/Login", Vd);
}

Pretty much straight default authentication. Works fine for logging in. However, IE users get auto logged off randomly, even while they're 开发者_StackOverflowactive on the site. Other browsers work fine. Here's the forms auth from web.config:

<authentication mode="Forms">
    <forms loginUrl="~/en/Account/Login" timeout="2880"/>
</authentication>

Where do I begin to look in this case? Have I found a bug?


As far as I can see everything seems fine, however, could your issue be something to do with your use of a persistent cookie? I think persistent cookies are not meant to timeout, which is why you might be using them.

Try using a non-persistent one instead, and see if that works:

FormsAuthentication.SetAuthCookie(username, false);

Also, a few others notes of interest:

  • I think that the timeout attribute in a web.config is specified in minutes. You've specified more than 2000 minutes.
  • By default, sliding expiration is disabled, so after n minutes it will timeout anyway. If this isn't what you want, then add a slidingExpiration="true" entry onto your <forms/> element in the web.config.


What kind of session mode are you using-in process or out of process? If you are using in process with non-persistent cookie and the application pool recycles, then session is lost.

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号