Forms authentication formsauthentication

It168 technical documents]

In the past two days, I have been studying forms for user verification. It has nothing to do with msdn to find out how it works! However, during the test, I found that
Some questions!

1. What do I set domain in forms under the authentication node of Web. config? When formsauthentication. setauthcookie (loginname, false );
Then, when httpcontext. Current. User. Identity. Name is always returned to me "", which makes me very depressed!
2. If config cannot be specified, I will specify the domain of the user cookie in the code, but the problem occurs again.
A). Still cannot get the value of identity. Name.
B) The user successfully exits.

If we do not handle the cookie domain, there will be no problem I mentioned above.
General Practice:
1. Configure the Web. config Node

<! --
In the <authentication> section, you can configure
Security Authentication mode,
To identify the user.
-->
<Authentication mode = "forms">
<Forms name = ". bk5173"
Protection = "all"
Timeout = "30"
Path = "/"
Requiressl = "false"
Cookieless = "usedeviceprofile"
Enablecrossappredirects = "false">
</Forms>
</Authentication>

2. After verifying that the user name and password are valid:

// Set the user's cookie value
Formsauthentication. setauthcookie (loginname, false );

3. The previous step is to write the user name into the cookie, and then you can get the user name.
String idenname = httpcontext. Current. User. Identity. Name;

4. We can judge the user based on idenname. If idenname = ", the user will jump to the login page to log on to the user; otherwise, the user name will be displayed in the UI.

5. Use the following method to exit.
Formsauthentication. signout ();

At this point, I do not know whether or not I have set the cookie domain, which is exactly what I will do. Modify the above method.
1). modification method:

// Set the user's cookie value
Formsauthentication. setauthcookie (loginname, false );

Use the following methods:

// Set the user's cookie value
Formsauthentication. setauthcookie (loginname, false );
// Obtain the user's cookie
Httpcookie cookie = formsauthentication. getauthcookie (loginname, false );
// Add the cookie domain and expiration date to the user's cookie value
// Update user cookies
Formsauthenticationticket oldticket = formsauthentication. decrypt (cookie. value );
Formsauthenticationticket newticket = new formsauthenticationticket (1,
Oldticket. Name,
Oldticket. issuedate,
Datetime. Now. addminutes (30 ),
Oldticket. ispersistent,
Oldticket. userdata,
Formsauthentication. formscookiepath );
Cookie. Domain = cookiedomain;
Cookie. value = formsauthentication. Encrypt (newticket );
// Update cookie
Httpcontext. Current. response. setcookie (cookie );

2) modify the method when the user exits

Httpcookie cookie = httpcontext. Current. response. Cookies [formsauthentication. formscookiename];
Cookie. Domain = cookiedomain;
Cookie. value = NULL;
Cookie. expires = datetime. Now. adddays (-1 );
// Update cookie
Httpcontext. Current. response. Cookies. setcookie (cookie );
Formsauthentication. signout ();

However, if the identity. name cannot be obtained according to the above method, after analyzing and searching the relevant information, modify the above method
1 ).

// Set the user's cookie value
Formsauthentication. setauthcookie (loginname, false );
// Obtain the user's cookie
Httpcookie cookie = formsauthentication. getauthcookie (loginname, false );
// Add the cookie domain and expiration date to the user's cookie value
// Rewrite the user cookie with the same name to the client
Formsauthenticationticket oldticket = formsauthentication. decrypt (cookie. value );
Formsauthenticationticket newticket = new formsauthenticationticket (1,
Oldticket. Name,
Oldticket. issuedate,
Datetime. Now. addminutes (30 ),
Oldticket. ispersistent,
Oldticket. userdata,
Formsauthentication. formscookiepath );
Cookie. Domain = cookiedomain;
Cookie. value = formsauthentication. Encrypt (newticket );
Httpcontext. Current. response. Cookies. Add (cookie );
2 ).
Httpcookie cookie = httpcontext. Current. response. Cookies [formsauthentication. formscookiename];
Cookie. Domain = cookiedomain;
Cookie. value = NULL;
Cookie. expires = datetime. Now. adddays (-1 );
Httpcontext. Current. response. Cookies. Add (cookie );
Formsauthentication. signout ();

In this way, the user can successfully log on and exit!
The possible cause is that the cookie contains servers and clients. Therefore, a new authentication ticket will invalidate the same name.