FormsAuthentication:如何为特定的子目录/ MVC控制器指定不同的cookie名称?
[英]FormsAuthentication: how to specify different cookie names for specific subdirectories/MVC controllers?
问题描述
I'm using FormsAuthentication (with cookies) for users authentication, with the default cookie name (".ASPXAUTH"). 
我正在使用FormsAuthentication(带有cookie)进行用户身份验证,具有默认的cookie名称(“ .ASPXAUTH”)。
What I need is a different login system for the "/Admin/" virtual directory (backed by an ASP.NET MVC controller, "AdminController")... as if the "/Admin/" directory was another web application, but without creating another web project inside my solution. 我需要的是“ / Admin /”虚拟目录(由ASP.NET MVC控制器“ AdminController”支持)的不同登录系统...好像“ / Admin /”目录是另一个Web应用程序一样,但是没有在我的解决方案中创建另一个Web项目。
How can I customize, at runtime, the cookie name used by FormsAuthentication? 如何在运行时自定义FormsAuthentication使用的cookie名称? The FormsAuthentication.FormsCookieName is readonly (and static...), and can be customized only once inside the web.config... FormsAuthentication.FormsCookieName是只读的(并且是静态的...),并且只能在web.config内部进行一次自定义...
Should I create a custom FormsAuthenticationModule? 我应该创建一个自定义FormsAuthenticationModule吗?
A controller filter, like the following, could be great: 如下所示的控制器过滤器可能很棒:
[CustomFormsAuthenticationCookie("NewCookieName")]
public class AdminController : Controller
{
1 个解决方案
解决方案1
1 已采纳 2010-09-14 20:55:41
Trick is the underlying authentication framework really can't handle this--you can't have multiple forms authentication bits running. 技巧是底层的身份验证框架真的不能处理这个问题-您不能运行多种形式的身份验证位。 Easiest solution would be to break the admin bits off into a separate website which would end up living elsewhere and not get caught up in the public site's authentication. 最简单的解决方案是将管理位分解成一个单独的网站,该网站最终将生活在其他地方,而不会陷入公共站点的身份验证中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.