共享托管环境中的Asp.Net Web API Cookie到期
[英]Asp.Net Web API Cookie Expiration on shared hosting env
问题描述
I am new to the asp.net web api and facing below problem. 
我是asp.net网络api的新手,面临以下问题。
1- I am having a website which is hosted on a shared hosting env(GoDaddy). 1-我有一个托管在共享托管env(GoDaddy)上的网站。 Server is written in the Asp.Net Web Api. 服务器是用Asp.Net Web Api编写的。 Client is written in HTML and communicating via ajax requests. 客户端是用HTML编写的,并通过ajax请求进行通信。 This application is totally session less but sends cookie to the browser and expects a cookie back on each subsequent requests. 该应用程序完全没有会话,但将cookie发送到浏览器,并期望在每个后续请求中返回cookie。 IIS version is 7 IIS版本是7
2- For authentication purpose , I am using FormsAuthentication 2-出于身份验证的目的,我正在使用FormsAuthentication
FormsAuthentication.SetAuthCookie(model.Username, false);
3- I have specified time out settings in web.config as below 3-我在web.config中指定了超时设置,如下所示
<authentication mode="Forms">
<forms loginUrl="~/" timeout="2880"
slidingExpiration="true" />
</authentication>
4- I am using Default Authorize filer on certain actions to disallow anonymous access on certain actions 4-我正在对某些操作使用默认授权文件管理器,以禁止对某些操作进行匿名访问
Question 题
1 -now as timeout is set for 2 days but i am getting HTTP 401 error after 20 to 30 mins of inactivity , my impression with slidingExpiration is that within 2 days if user do something on website , its timeout will be renewed but if somehow user does something on protected actions after 20 or 30 mins then 401 error is raised. 1-现在将超时设置为2天,但是在20至30分钟的不活动状态后出现HTTP 401错误,对slideExpiration的印象是,如果用户在网站上进行某些操作,则在2天之内将恢复其超时,但是如果用户以某种方式在20或30分钟后对受保护的操作执行操作,然后引发401错误。
2- Browser presents the default logon box but if i provide credentials in the default logon box (after 401 is raised), how to handle logon process in the asp.net webapi. 2-浏览器显示默认登录框,但是如果我在默认登录框(在401出现后)中提供凭据,则如何在asp.net webapi中处理登录过程。
1 个解决方案
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.