Web服务器场的共享SQLServer会话状态上的登录问题
[英]Login issues on shared SQLServer session state of web-farm
问题描述
Per a question I posted yesterday , our website's DNS structure has changed to round-robin DNS which literally swaps back and and forth between two production servers. 
根据我昨天发布的一个问题 ,我们网站的DNS结构已更改为循环DNS,该DNS实际上在两个生产服务器之间来回交换。 Our web.config for both prod servers has: 我们用于两个产品服务器的web.config具有:
-
<sessionState mode="SQLServer" ... >pointing to the same shared DB<sessionState mode="SQLServer" ... >指向相同的共享数据库 - A
machineKeyon each server that is consistent between the two (this was the main point of my post yesterday).每个服务器上的machineKey在两者之间是一致的(这是我昨天发布的要点)。 - [ update ] The same domain in the
<forms domain=".mydomain.com" ... >tag[ update ] <forms domain=".mydomain.com" ... >标记中的相同域
When we use the login feature on the site, the login actually makes a web service request to a 3rd website that authenticates a user. 当我们在网站上使用登录功能时,登录实际上是向第三个对用户进行身份验证的网站发出Web服务请求。 If the resulting response says it was a successful login, then we use FormsAuthentication to log the user in: 如果返回的结果表明登录成功,则我们使用FormsAuthentication将用户登录:
FormsAuthentication.SetAuthCookie(strUserID, true);
Our issue is that on some pages we see we are logged in, others we're not. 我们的问题是,在某些页面上我们看到我们已登录,而其他页面则未登录。 Is this something indicative of either us not completing a final step to share session between two prod servers or could our SQL server session DB be broken? 这是否表明我们没有完成在两个产品服务器之间共享会话的最后步骤,还是我们的SQL Server会话数据库可能被破坏了?
Thanks in advance 提前致谢
UPDATE : Our code to determine if the user is logged in is quite basic: 更新 :确定用户是否已登录的代码非常基本:
HttpContext.Current.User.Identity.IsAuthenticated
UPDATE 2 : 更新2 :
When I hit prod1.mysite.com (or prod2.mysite.com) I get a cookie called "ASP.NET_SessionId" but when I hit the live public URL, www.mysite.com, I don't get this cookie. 当我访问prod1.mysite.com(或prod2.mysite.com)时,我得到一个名为"ASP.NET_SessionId"的cookie,但是当我访问实时公共URL www.mysite.com时,却没有此cookie。 Is this part of the problem? 这是问题的一部分吗?
RESOLUTION : 解决方法 :
It turns out that everything we did here was all correct and that our live site which uses Akamai was being cached in various states due to Akamai's cache configuration. 事实证明,我们在这里所做的一切都是正确的,并且由于Akamai的缓存配置,使用Akamai的实时站点已在各种状态下缓存。 Sharing your logged in state between servers has been confirmed to work. 已确认在服务器之间共享您的登录状态可以正常工作。
1 个解决方案
解决方案1
0 已采纳 2010-10-05 13:17:13
One thing you could do is use the Firebug add-on for Firefox to ensure that the authentication cookie is being sent to the browser as expected after logging in although as you are seeing that you are logged in on some pages I would expect this to be the case. 您可以做的一件事是使用Firefox的Firebug插件,确保登录后按预期将身份验证cookie发送到浏览器,尽管您看到自己登录了某些页面,但我希望这样做是案子。
Another thing to check would be that the domain is set correctly for the authentication cookie and that it is valid for all pages on your website. 要检查的另一件事是,已为身份验证Cookie正确设置了域,并且该域对您网站上的所有页面均有效。
This is typically set in you web.config in the forms tags, example below and should be same on each server in the web farm. 通常,这是在web.config中的表单标签中设置的,例如下面的示例,并且在Web场中的每个服务器上都应该相同。
<authentication mode="Forms">
<forms name="yourAuthCookie" loginUrl="/login.aspx" protection="All" path="/" domain="mydomain.com" timeout="30"/>
</authentication>
If this is all correct then it is possible that session is not being shared correctly between your servers although the settings that your have described in your question appear to cover what is needed. 如果这一切都是正确的,则尽管您在问题中描述的设置似乎可以满足需要,但您的服务器之间可能无法正确共享会话。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.