使用子域时会话被重置
[英]Session being reset when using sub-domain
问题描述
I'm trying to use sub-domains in my ASP.NET website but I'm coming across a few problems with the session being reset. 
我正在尝试在ASP.NET网站中使用子域,但是在重置会话时遇到一些问题。
I've edited my hosts file to have 'localhost', 'one.localhost' and 'two.localhost'. 我已经将主机文件编辑为具有“ localhost”,“ one.localhost”和“ two.localhost”。 I can go to any of these URLs and do what I need to do and login to my system. 我可以转到这些URL中的任何一个,然后执行所需的操作并登录到我的系统。 The session mode is defined as follows in the web.config: 会话模式在web.config中定义如下:
<sessionState cookieless="false" mode="SQLServer" timeout="300"
sqlConnectionString="Data Source=MyDatabase;user id=User1;password=pass"/>
I'm using SQLServer as the website will be ran as a webfarm. 我正在使用SQLServer,因为该网站将作为Webfarm运行。
What I'm finding is when I click something that causes a postback all the session is lost and a new session id is created, when this occurs my website is now 'localhost' rather than the logged in 'one.localhost' for example. 我的发现是,当我单击导致回发的操作时,所有会话都丢失并且创建了新的会话ID,这种情况发生时,我的网站现在是“ localhost”,而不是例如登录的“ one.localhost”。
Does anyone know what might be causing this? 有谁知道这可能是什么原因?
Cheers 干杯
2 个解决方案
解决方案1
3 已采纳 2010-03-08 13:40:17
You seem to have a couple of issues going on from your question: 您的问题似乎有两个问题:
- Sharing session information across multiple sub-domains. 跨多个子域共享会话信息。
- Login in to multiple domains. 登录到多个域。
- Staying on the correct domain during a postback. 在回发期间停留在正确的域上。
To share the session information across multiple sub-domains, you'll need to write the session cookie to the correct domain, in this case .example.com - see more information here: "ASP.NET Session State, Cookies and Sub-domains" . 要在多个子域之间共享会话信息,您需要将会话cookie写入正确的域,在本例中为.example.com在此处查看更多信息: “ ASP.NET会话状态,Cookie和子域“ 。
If you want the user to log in on all domains simultaneously, and you're using Forms authentication, you can use the domain attribute of the forms element (note the leading period in the domain path): 如果您希望用户同时登录所有域,并且正在使用Forms身份验证,则可以使用Forms元素的domain属性(请注意域路径中的前置时间):
<forms
name="name"
loginUrl="URL"
defaultUrl="URL"
domain=".example.com">
</forms>
You'll need to configure this on all sites. 您需要在所有站点上进行配置。
As to why you're being redirected to localhost rather than one.localhost on a postback, you'd need to take a look at the source that's been rendered (are you including some base href information, or is your form explicitly posting back to localhost instead of one.localhost)? 至于为什么要在回发中将您重定向到localhost而不是one.localhost,您需要查看已呈现的源(您是否包含一些基本href信息,或者您的表单是否显式回发到了本地主机,而不是一个本地主机)? A good tool to see what the browser is doing is Fiddler . Fiddler是查看浏览器运行状况的一个很好的工具。
Finally, as a heads up for when you deploy this to multiple servers, don't forget to configure your MachineKey on all sites to ensure that they have the same value so that they can decrypt the session, login tokens, viewstate, etc correctly. 最后,作为将其部署到多台服务器时的提示,请不要忘记在所有站点上配置MachineKey以确保它们具有相同的值,以便它们可以正确地解密会话,登录令牌,视图状态等。
解决方案2
1 2010-03-08 13:26:16
Basically, the domain being set in the logged in cookie is specific to one.localhost. 基本上,在登录的cookie中设置的域特定于one.localhost。
There are some possible hacks. 有一些可能的hacks。 see eg the last answer to this question : 参见例如该问题的最后答案:
In the login/start page, run the following: 在登录/开始页面中,运行以下命令:
Response.Cookies["ASP.NET_SessionId"].Value = Session.SessionID;
Response.Cookies["ASP.NET_SessionId"].Domain = ".mydomain.com";
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.