Forms authentication cannot be authenticated in a distributed deployment?

Source: Internet
Author: User
Tags set cookie

The use of forms authentication for distributed deployment of applications is not successful, referring to some methods on the web.

Application deployment of two intranet servers: 192.168.1.19,192.168.1.87, using nginx load distribution, the configuration is identical; each can be logged in and run.

<system.web> <!--Configure the secure authentication mode that ASP. NET uses to identify incoming users. domain=". zt-express.com"-<authentication mode="Forms"> <forms name=". Gdzdauthenforms"Loginurl="~/login.aspx"timeout="2880"Defaulturl="~/main.aspx"Path="/"protection=" All"/> </authentication> <machinekey validationkey="e804106b394de7148524a5fb0e7e282f05c3bb98553931f2b3fcdc896473390205326a876aa5490050d795fa181604651878b4285475150437a73 F9D705E412A"decryptionkey="9be9f489677a8285d6a00e902857abb2986c73534ff2a901"validation="SHA1"/> <authorization> <allow users="*"/> </authorization> <anonymousidentification enabled="true"Cookiename=". Gdzdanonymous"/> "true"targetframework="4.0"/> <pages enablesessionstate="true"controlrenderingcompatibilityversion="4.0"/> <customerrors mode="Off"/> <sessionstate timeout="3600"> </sessionState> </system.web>

Processing after successful login at the following time

        /// <summary>        ///create a ticket and place it in a cookie///The data in the ticket is encrypted to solve the security problem of the cookie. /// </summary>        /// <param name= "UserInfo" >logged in user</param>        /// <param name= "Issuedatetime" >Release Time</param>        /// <param name= "Experation" >Expiry Time</param>        /// <param name= "Ispersistent" >Durability</param>         Public Static voidSetcookie (Baseuserinfo userInfo, DateTime? issuedatetime =NULLDatetime? Experation =NULL,BOOLIspersistent =true)        {            if(Issuedatetime = =NULL) {Issuedatetime=DateTime.Now; }            if(Experation = =NULL)            {                //Set cookie Expiration timeExperation =DateTime.Now.AddHours (systeminfo.userloginexperation); } basesysteminfo.userinfo=UserInfo; BaseSystemInfo.UserInfo.ServicePassword=Basesysteminfo.servicepassword; BaseSystemInfo.UserInfo.ServiceUserName=Basesysteminfo.serviceusername; BaseSystemInfo.UserInfo.SystemCode=Basesysteminfo.systemcode; JavaScriptSerializer JavaScriptSerializer=NewJavaScriptSerializer (); stringUserData =javascriptserializer.serialize (Basesysteminfo.userinfo); //generate a validation ticket that includes the user name, effective time, expiration time, whether persistent and user data, and so on. FormsAuthenticationTicket ticket =NewFormsAuthenticationTicket (1, Userinfo.nickname, (DateTime) Issuedatetime, (datetime) experation, ispersistent, UserData,            Formsauthentication.formscookiepath); HttpCookie Cookies=NewHttpCookie (Formsauthentication.formscookiename, Formsauthentication.encrypt (ticket)); Cookies. Expires=(DateTime) experation; HttpResponse Response=HttpContext.Current.Response; //Specify whether client script can access [default = False]Cookies. HttpOnly =true; //specifies a unified path, which can be stored and taken throughCookies. Path ="/"; Response.            AppendCookie (cookie); //Remove the permission cache data to retrieve the cached data againRemoverediscache (UserInfo); }

The following is the code for validation

            //test whether the HttpContext.Current.User.Identity.IsAuthenticated is valid in a distributed deploymentResponse.Write (string. Format ("test whether the HttpContext.Current.User.Identity.IsAuthenticated is valid in a distributed deployment isauthenticated:{0}", HttpContext.Current.User.Identity.IsAuthenticated)); Response.Write ("<br/>cookie output Start ============================="); foreach(stringCookieNameinchrequest.cookies) {varMyCookie =Request.cookies[cookiename]; if(MyCookie! =NULL) {Response.Write ("<br/>"+ CookieName +"contained in"+ MyCookie. Values.count +"a key"); if(MyCookie. Values.count >0)                    {                        foreach(stringSinchMyCookie. Values) {Response.Write ("<br/> ""+ S +""="+ Mycookie[s]. ToString () +";"); } }}} Response.Write ("<br/>cookie output Complete ============================="); Response.Write ("<br/>formscookiename="+formsauthentication.formscookiename); HttpCookie Authcookie=Httpcontext.current.request.cookies[formsauthentication.formscookiename]; if(Authcookie! =NULL) {FormsAuthenticationTicket AuthTicket=Formsauthentication.decrypt (Authcookie.value); if(AuthTicket! =NULL)                {                    stringUserData =Authticket.userdata; JavaScriptSerializer JavaScriptSerializer=NewJavaScriptSerializer (); varUserInfo = javascriptserializer.deserialize<baseuserinfo>(UserData); Response.Write ("<br/>nickname="+userinfo.nickname); }                Else{Response.Write ("<br/>authticket = null"); }            }            Else{Response.Write ("<br/>authcookie = null"); } Response.Write ("<br/>clientipaddress ="+userinredis.getcurrentipaddress (httpcontext.current)); Response.Write ("<br/>serveripaddress ="+ Request.ServerVariables.Get ("local_addr"));

After the deployment, log in to the system and access the test page

You can see that the current Access app is assigned to the 192.168.1.19.

Now stop the 192.168.1.19 application and visit the test page

As can be seen from the above, access is assigned to the 192.168.1.87, while the. gdzdauthenforms cookie used for authentication has not passed, and other cookies have been passed over.

What is the reason for this? The same domain name should say that cookies will be uploaded to the background.

Reference: Http://www.cnblogs.com/fish-li/archive/2012/04/15/2450571.html and other articles are not implemented, the server configuration is the same, supposedly, the same domain name, You should bring the cookie with you when you visit.

This issue has been sent to msdn:https://social.msdn.microsoft.com/forums/vstudio/zh-cn/f666f1d1-3d9e-4620-babb-1eea9302c0d9/forms?forum=295

Forms authentication cannot be authenticated in a distributed deployment?

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.