3
当我登录时,使用.NET 4和带有自定义布局模板的asp.net登录控件,无论是否选中记住我复选框,控件似乎会创建一个身份验证Cookie,并让我登录,直到我通过单击退出按钮明确退出。在登录状态下关闭浏览器并不会使我注销。asp:使用LayoutTemplate登录会创建持久性cookie,无论是否记住我被检查
有人可以帮助解释可能是什么原因造成的?
<asp:Login ID="Login1" runat="server" OnLoggingIn="Login1_LoggingIn" OnLoggedIn="Login1_LoggedIn" OnLoginError="Login1_LoginError">
<LayoutTemplate>
<asp:Panel runat="server" DefaultButton="btnLogin">
<label>Email</label> <div class="required">*</div>
<asp:RequiredFieldValidator runat="server" ControlToValidate="UserName" Display="Dynamic" ErrorMessage="Required" InitialValue="" SetFocusOnError="true" ValidationGroup="Login" /><br />
<asp:TextBox runat="server" ID="UserName" class="input" ValidationGroup="Login" />
<label>Password</label> <div class="required">*</div>
<asp:RequiredFieldValidator runat="server" ControlToValidate="Password" Display="Dynamic" ErrorMessage="Required" InitialValue="" SetFocusOnError="true" ValidationGroup="Login" /><br />
<asp:TextBox runat="server" ID="Password" TextMode="Password" class="input" style="margin:0 0 6px 0;" ValidationGroup="Login" />
<asp:Checkbox runat="server" ID="RememberMe" Text="Remember me" CssClass="remember-me" />
<asp:LinkButton runat="server" ID="btnLogin" CommandName="Login" Text="Sign In" CssClass="login-button" ValidationGroup="Login" />
</asp:Panel>
</LayoutTemplate>
</asp:Login>
protected void Login1_LoggingIn(object sender, LoginCancelEventArgs e)
{
string username = Login1.UserName.Trim();
if (IsValid)
{
MembershipUser user1 = Membership.GetUser(username);
if (user1 != null)
{
if (Membership.ValidateUser(user1.UserName, Login1.Password))
{
Login1.UserName = user1.UserName;
}
}
}
protected void Login1_LoggedIn(object sender, EventArgs e)
{
if (Roles.IsUserInRole(Login1.UserName, "Users"))
{
Response.Redirect("users.aspx", true);
}
<authentication mode="Forms">
<forms timeout="129600" name=".AUTHCOOKIE" protection="All" slidingExpiration="true" path="/" requireSSL="false" loginUrl="~/login.aspx" cookieless="UseCookies"/>
</authentication>
感谢您的回复,但这是行不通的。我在if(Membership.ValidateUser())中添加了RedirectFromLoginPage(),并且在成功登录后记住我没有选中我关闭浏览器窗口,然后返回到网站,我仍然登录。这是在我们的测试服务器上,不是本地主机。 – 2014-10-10 15:37:20
你关闭了整个浏览器还是关闭了选项卡?因为我试图关闭整个浏览器和所有实例,并且它对我有用......嗯......让我看看我是否可以拿出别的东西。 – 2014-10-10 18:42:19
这是我从那里得到答案,并为他工作:http://stackoverflow.com/questions/2715873/asp-net-forms-authentication-cookie-not-expiring/2716020#2716020 – 2014-10-10 18:43:37