如何为 ASP classic 配置 IIS Express(如 IIS 8.0)。
是的,当您使用 IIS 8.0 时,您可以在 ASP 设置页面上选择“安全连接上的新 ID”,设置为 false,则 http 和 https 之间的 session 不会丢失
但我在 IIS Express 上找不到相同的选项,当我在 http 上重定向 https 时,我的 session 会丢失。
用于 https 转 http 来加密登录页面
"https://mysite:44300/login.asp" -> "http://mysite:4540/home.asp"
请帮助我。
谢谢
最佳答案
已经在评论中解决了,但为了完整性
IIS Express 对功能没有任何限制
From ScottGu's Blog - Introducing IIS Express
We have been working on a new flavor of IIS 7.x that is optimized for developer scenarios that we are calling “IIS Express”. We think it combines the ease of use of the ASP.NET Web Server with the full power of IIS. Specifically:
- It’s lightweight and easy to install (less than 10Mb download and a super quick install)
- It does not require an administrator account to run/debug applications from Visual Studio
- It enables a full web-server feature set – including SSL, URL Rewrite, Media Support, and all other IIS 7.x modules
- It supports and enables the same extensibility model and web.config file settings that IIS 7.x support
- It can be installed side-by-side with the full IIS web server as well as the ASP.NET Development Server (they do not conflict at all)
- It works on Windows XP and higher operating systems – giving you a full IIS 7.x developer feature-set on all OS platforms
话虽如此,但使用起来有点棘手,因为 GUI 的功能非常有限。唯一可用的选项是使用 IIS 内置的强大配置架构,IIS Express 也支持该架构。
您需要将以下值添加到 IIS Web 应用程序根目录中的 web.config
文件中。
<system.webServer>
<asp>
<session keepSessionIdSecure="false" />
</asp>
</system.webServer>
这相当于 GUI 属性安全连接上的新 ID
。
Note: This should work but if you have problems getting it to work you may find that adding it to the
applicationHost.config
works better. See Answer to Classic ASP session weirdness between HTTP and HTTPS
关于asp.net - HTTPS 到 HTTP ASP 在 IIS Express 上共享 cookie 和 session ,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37134485/