[英].Net Core Cookie Authentication - User Getting Wrong Claims
I have a very strange issue with a .net core mvc site, which is hosted in IIS. 我有一个非常奇怪的问题,一个.net核心mvc网站,它托管在IIS中。
When a user logs in with this code: 用户使用以下代码登录时:
var claimsIdentity = new ClaimsIdentity(
new List<Claim>() { new Claim(ClaimTypes.Role, "Admin", null), new Claim("Name", userName, null) }, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
AllowRefresh = true,
ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30),
IsPersistent = false,
};
HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
The first user logs in with their name being displayed. 第一个用户登录时显示其名称。 However, when another user logs on they get the first users name displayed rather than their own.
但是,当另一个用户登录时,他们会显示第一个用户名而不是他们自己的用户名。
I have tried experimenting with the cookie options all with no success but this is my current configuration: 我尝试过尝试使用cookie选项都没有成功,但这是我目前的配置:
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options => {
options.Cookie.HttpOnly = false;
options.LoginPath = "/Account/Login";
options.LogoutPath = "/Account/LogOff";
options.Cookie.IsEssential = true;
options.Cookie.MaxAge = new TimeSpan(0, 2, 0, 0, 0);
options.Cookie.SameSite = SameSiteMode.Strict;
options.Cookie.Name = "SITECODEHERE";
});
Any help would be appreciated, as I am sure that I am making a silly mistake somewhere. 任何帮助将不胜感激,因为我确信我在某处犯了一个愚蠢的错误。
After much investigating it turns out that issue was being caused by caching on our firewall. 经过大量调查后发现,问题是由我们的防火墙缓存引起的。
Removing this solved the issue. 删除它解决了这个问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.