The use of forms authentication for distributed deployment of applications is not successful, referring to some methods on the web.
Application deployment of two intranet servers: 192.168.1.19,192.168.1.87, using nginx load distribution, the configuration is identical; each can be logged in and run.
<system.web> <!--Configure the secure authentication mode that ASP. NET uses to identify incoming users. domain=". zt-express.com"-<authentication mode="Forms"> <forms name=". Gdzdauthenforms"Loginurl="~/login.aspx"timeout="2880"Defaulturl="~/main.aspx"Path="/"protection=" All"/> </authentication> <machinekey validationkey="e804106b394de7148524a5fb0e7e282f05c3bb98553931f2b3fcdc896473390205326a876aa5490050d795fa181604651878b4285475150437a73 F9D705E412A"decryptionkey="9be9f489677a8285d6a00e902857abb2986c73534ff2a901"validation="SHA1"/> <authorization> <allow users="*"/> </authorization> <anonymousidentification enabled="true"Cookiename=". Gdzdanonymous"/> "true"targetframework="4.0"/> <pages enablesessionstate="true"controlrenderingcompatibilityversion="4.0"/> <customerrors mode="Off"/> <sessionstate timeout="3600"> </sessionState> </system.web>
Processing after successful login at the following time
/// <summary> ///create a ticket and place it in a cookie///The data in the ticket is encrypted to solve the security problem of the cookie. /// </summary> /// <param name= "UserInfo" >logged in user</param> /// <param name= "Issuedatetime" >Release Time</param> /// <param name= "Experation" >Expiry Time</param> /// <param name= "Ispersistent" >Durability</param> Public Static voidSetcookie (Baseuserinfo userInfo, DateTime? issuedatetime =NULLDatetime? Experation =NULL,BOOLIspersistent =true) { if(Issuedatetime = =NULL) {Issuedatetime=DateTime.Now; } if(Experation = =NULL) { //Set cookie Expiration timeExperation =DateTime.Now.AddHours (systeminfo.userloginexperation); } basesysteminfo.userinfo=UserInfo; BaseSystemInfo.UserInfo.ServicePassword=Basesysteminfo.servicepassword; BaseSystemInfo.UserInfo.ServiceUserName=Basesysteminfo.serviceusername; BaseSystemInfo.UserInfo.SystemCode=Basesysteminfo.systemcode; JavaScriptSerializer JavaScriptSerializer=NewJavaScriptSerializer (); stringUserData =javascriptserializer.serialize (Basesysteminfo.userinfo); //generate a validation ticket that includes the user name, effective time, expiration time, whether persistent and user data, and so on. FormsAuthenticationTicket ticket =NewFormsAuthenticationTicket (1, Userinfo.nickname, (DateTime) Issuedatetime, (datetime) experation, ispersistent, UserData, Formsauthentication.formscookiepath); HttpCookie Cookies=NewHttpCookie (Formsauthentication.formscookiename, Formsauthentication.encrypt (ticket)); Cookies. Expires=(DateTime) experation; HttpResponse Response=HttpContext.Current.Response; //Specify whether client script can access [default = False]Cookies. HttpOnly =true; //specifies a unified path, which can be stored and taken throughCookies. Path ="/"; Response. AppendCookie (cookie); //Remove the permission cache data to retrieve the cached data againRemoverediscache (UserInfo); }
The following is the code for validation
//test whether the HttpContext.Current.User.Identity.IsAuthenticated is valid in a distributed deploymentResponse.Write (string. Format ("test whether the HttpContext.Current.User.Identity.IsAuthenticated is valid in a distributed deployment isauthenticated:{0}", HttpContext.Current.User.Identity.IsAuthenticated)); Response.Write ("<br/>cookie output Start ============================="); foreach(stringCookieNameinchrequest.cookies) {varMyCookie =Request.cookies[cookiename]; if(MyCookie! =NULL) {Response.Write ("<br/>"+ CookieName +"contained in"+ MyCookie. Values.count +"a key"); if(MyCookie. Values.count >0) { foreach(stringSinchMyCookie. Values) {Response.Write ("<br/> ""+ S +""="+ Mycookie[s]. ToString () +";"); } }}} Response.Write ("<br/>cookie output Complete ============================="); Response.Write ("<br/>formscookiename="+formsauthentication.formscookiename); HttpCookie Authcookie=Httpcontext.current.request.cookies[formsauthentication.formscookiename]; if(Authcookie! =NULL) {FormsAuthenticationTicket AuthTicket=Formsauthentication.decrypt (Authcookie.value); if(AuthTicket! =NULL) { stringUserData =Authticket.userdata; JavaScriptSerializer JavaScriptSerializer=NewJavaScriptSerializer (); varUserInfo = javascriptserializer.deserialize<baseuserinfo>(UserData); Response.Write ("<br/>nickname="+userinfo.nickname); } Else{Response.Write ("<br/>authticket = null"); } } Else{Response.Write ("<br/>authcookie = null"); } Response.Write ("<br/>clientipaddress ="+userinredis.getcurrentipaddress (httpcontext.current)); Response.Write ("<br/>serveripaddress ="+ Request.ServerVariables.Get ("local_addr"));
After the deployment, log in to the system and access the test page
You can see that the current Access app is assigned to the 192.168.1.19.
Now stop the 192.168.1.19 application and visit the test page
As can be seen from the above, access is assigned to the 192.168.1.87, while the. gdzdauthenforms cookie used for authentication has not passed, and other cookies have been passed over.
What is the reason for this? The same domain name should say that cookies will be uploaded to the background.
Reference: Http://www.cnblogs.com/fish-li/archive/2012/04/15/2450571.html and other articles are not implemented, the server configuration is the same, supposedly, the same domain name, You should bring the cookie with you when you visit.
This issue has been sent to msdn:https://social.msdn.microsoft.com/forums/vstudio/zh-cn/f666f1d1-3d9e-4620-babb-1eea9302c0d9/forms?forum=295
Forms authentication cannot be authenticated in a distributed deployment?