ASP.NET MVC 身份验证 cookie

Question

当我尝试再次登录一天后，我的 Web 应用程序身份验证 cookie 超时。 我尝试通过诺基亚浏览器和 Internet Explorer 访问该应用程序，两者的行为相同。

这是我的登录过程:

    [HttpPost]
    [SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings",
                      Justification = "Needs to take same parameter type as Controller.Redirect()")]
    public ActionResult LogOn(LogOnModel model, string returnUrl)
    {
        if (MembershipService.ValidateUser(model.UserName, model.Password))
        {
            //FormsService.SignIn(model.UserName, model.RememberMe);
            FormsAuthenticationTicket Authticket = new
                        FormsAuthenticationTicket(1,
                        model.UserName,
                        DateTime.Now,
                        DateTime.Now.AddYears(1),
                        true,
                        "",
                        FormsAuthentication.FormsCookiePath);

            string hash = FormsAuthentication.Encrypt(Authticket);

            HttpCookie Authcookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);

            if (Authticket.IsPersistent) Authcookie.Expires = Authticket.Expiration;

            Response.Cookies.Add(Authcookie);

            if (!String.IsNullOrEmpty(returnUrl))
            {
                return Redirect(returnUrl);
            }
            return RedirectToAction("Index", "Home");
        }
        ModelState.AddModelError("", "The user name or password provided is incorrect.");

        // If we got this far, something failed, redisplay form
        return View(model);
    }

我的web.config设置:

<forms loginUrl="~/consignment/Account/LogOn" timeout="2880" protection="All" name=".consignmentauthadmin"/>

我正在尝试:

    [HttpPost]
    [SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings",
                     Justification = "Needs to take same parameter type as Controller.Redirect()")]
    public ActionResult LogOn(LogOnModel model, string returnUrl)
    {
        if (MembershipService.ValidateUser(model.UserName, model.Password))
        {
            //FormsService.SignIn(model.UserName, model.RememberMe);
            FormsAuthenticationTicket Authticket = new
                        FormsAuthenticationTicket(1,
                        model.UserName,
                        DateTime.Now,
                        DateTime.Now.AddYears(1),
                        true,
                        "",
                        FormsAuthentication.FormsCookiePath);

            string hash = FormsAuthentication.Encrypt(Authticket);

            HttpCookie Authcookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);

            if (Authticket.IsPersistent) Authcookie.Expires = Authticket.Expiration;

            Response.Cookies.Add(Authcookie);

            if (!String.IsNullOrEmpty(returnUrl))
            {
                return Redirect(returnUrl);
            }
            return RedirectToAction("Index", "Home");
        }
        ModelState.AddModelError("", "The user name or password provided is incorrect.");

        // If we got this far, something failed, redisplay form
        return View(model);
    }

我不希望身份验证在我从应用程序注销之前过期。我做错了什么？

Answer 1

尝试查看您的网络服务器 IIS 应用程序池，它有一个默认设置的“应用程序刷新”。 将其关闭...这应该可以解决您的问题。