简体繁体 English

配置IIS以允许多个用户同时访问

[英]Configure IIS to Allow Multiple Users Simultaneous Access

原文 2012-03-07 00:50:42 8 2 asp.net/ session/ iis/ authentication/ web

I have an ASP.NET website on a WinServer2k8 machine, which is protetced through Forms Authentication. 我在WinServer2k8计算机上有一个ASP.NET网站，该计算机通过Forms Authentication保护。 At the moment, if one person logs in on Machine A, all login attempts on Machine B will fail (A & B are using the same internet connection to access the server). 目前，如果一个人登录到计算机A，则所有在计算机B上的登录尝试都将失败（A和B使用相同的Internet连接访问服务器）。 The login request doesn't return any errors, rather it simply redirects back to a login screen as though the authentication never happened. 登录请求不会返回任何错误，而只是重定向回登录屏幕，就像从未进行过身份验证一样。 I would like to know how to configure this site either through IIS7 or a web.config file so that it will allow any number of simultaneous user sessions. 我想知道如何通过IIS7或web.config文件配置此站点，以便允许任何数量的同时用户会话。 All of the settings for the website are set to the IIS7 defaults. 网站的所有设置都设置为IIS7默认设置。 I've tried changing session-state modes, the Maximum sessions property, and the Forms Authentication settings in IIS7. 我尝试更改会话状态模式，“最大会话数”属性和IIS7中的“表单身份验证”设置。

Any help is appreciated. 任何帮助表示赞赏。

PS - I have also tested machines that are using a different IP Address for their internet connection and I am still unable to start a simultaneous session from that end as well. PS-我还测试了使用不同IP地址进行互联网连接的计算机，但是我仍然无法从该端开始同时进行会话。

PPS - If I attempt to start a session from a web browser on the server machine itself, it will work every time, regardless of who is logged in. Thoughts? PPS-如果我尝试通过服务器计算机本身上的Web浏览器启动会话，则无论谁登录，该会话每次都能工作。

EDIT - I'm using Windows session credentials for authentication - the method used by the webpage back-end is LogonUser, which is imported from advapi32.dll 编辑-我正在使用Windows会话凭据进行身份验证-网页后端使用的方法是LogonUser，这是从advapi32.dll导入的

2 个解决方案

If you learn more about forms authentication details, you know that IIS/ASP.NET uses a cookie to identify whether a user has been authenticated. 如果您了解有关表单身份验证详细信息的更多信息，则会知道IIS / ASP.NET使用cookie来标识用户是否已通过身份验证。 For load balancing scenarios, you need to enable ASP.NET session, and use out of process session mode (SQL Server mode recommended). 对于负载平衡方案，您需要启用ASP.NET会话，并使用进程外会话模式（建议使用SQL Server模式）。

Only in that way, a user's session is valid across machines, and he/she can access all boxes after authenticated on one of them, 只有这样，用户的会话才能在多台计算机上有效，并且他/她在其中一台计算机上进行身份验证后才能访问所有设备，

The last bit you need to pay attention to is the machine keys. 您需要注意的最后一点是机器键。 For all boxes, they must use the same machine key to encrypt the session info. 对于所有盒子，它们必须使用相同的机器密钥来加密会话信息。 Otherwise, if the user is authenticated on one box, another box cannot decrypt the info. 否则，如果用户在一个盒子上通过了身份验证，则另一个盒子无法解密该信息。

http://msdn.microsoft.com/en-us/library/ff649308.aspx http://msdn.microsoft.com/en-us/library/ff649308.aspx

I discovered the source of my problem, and as it turns out, there was nothing wrong with the way I was using Forms Authentication. 我发现了问题的根源，事实证明，我使用表单身份验证的方式没有任何问题。

The error, as it turns out was a timeout value for the authentication request that was too low for any machine to beat except for the very server that hosts the website. 事实证明，该错误是身份验证请求的超时值，该值太低，无法托管任何主机（托管网站的服务器除外）。 I modified the timeout value for the Forms tag in the web.config file from 5 to 5000 and that did the trick. 我将web.config文件中Forms标记的超时值从5修改为5000，达到了目的。

So what appeared to be a problem of the server mishandling sessions was actually just the inability of other machines to complete an authentication request in time. 因此，服务器会话处理不当的问题实际上就是其他机器无法及时完成身份验证请求。 Thanks for your help anyway. 还是要谢谢你的帮助。