IE11 the issue of unable to save cookies under ASP. NET Forms Authentication

IE11 the issue of unable to save cookies under ASP. NET Forms Authentication

Tossing for three or four days, today only to find information, solved.

The following will be posted, have not had time to delve into, first put, have time to learn under.

ASP. The common practices for using forms authentication in NET are as follows:1Add the authentication node to the Web. config site root directory<authentication mode="Forms"> <forms name="Myauth"Loginurl="manager/login.aspx"Defaulturl="manager/default.aspx"protection=" All"timeout=" -"/></authentication>2add the Web. config file under the Manager subdirectory and include the following:<?xml version="1.0"?><configuration> <system.web> <authorization> <allow roles="Admin"/> <deny users="*"/> </authorization> </system.web></configuration>this way, users accessing any page under the Manager subdirectory without forms authentication will automatically jump to the manager/login.aspx page. If the authentication succeeds, it will default back to manager/default. aspx page. The certification is valid for 60 minutes. 3. Add the authentication code. Add the following code to the login button:if(!SNCHECKCODE.CHECKSN (Txt_validatecode.text))    {sncheckcode.create (); Utility.showmessage ("Check code Error! "); return;}stringstrUserName =Txt_Username.Text.Trim ();stringMd5pwd =helper.md5forphp (helper.md5forphp (Txt_password.text)); Lc_admin admin=NULL;BOOLlogined =false;using(varContext =Newdbentities ()) {Admin= Context.tb_admin. Where (n = n.username = =strUserName).    FirstOrDefault (); if(Admin! =NULL)    {        if(Admin.checkadmin! ="true") {sncheckcode.create (); Utility.showmessage ("Sorry, this account is forbidden to login! "); return; }        if(Admin.password = =md5pwd) {            //Update Admin InfoAdmin.loginip =Request.UserHostAddress.ToString (); Admin.logintime=Cndingutility.datetimetounixtimestamp (DateTime.Now); Context.            SaveChanges (); logined=true; }    }}if(logined) {//LoginFormsAuthenticationTicket ticket =NewFormsAuthenticationTicket (1, Admin.id.ToString (), DateTime.Now, DateTime.Now.AddMinutes ( -),        false,        "Admin", Formsauthentication.formscookiepath); stringHashticket =Formsauthentication.encrypt (ticket); HttpCookie Usercookie=NewHttpCookie (Formsauthentication.formscookiename, Hashticket);    HTTPCONTEXT.CURRENT.RESPONSE.COOKIES.ADD (Usercookie); if(request["RETURNURL"] !=NULL) {Response.Redirect (Httputility.htmldecode (request["RETURNURL"])); }    Else{Response.Redirect ("/manager/default.aspx"); }}Else{sncheckcode.create (); Cndingutility.showmessage ("The user name or password is incorrect! ");} MD5 Encryption Code: Public Static stringMd5forphp (stringStringtohash) {    varMD5 =NewSystem.Security.Cryptography.MD5CryptoServiceProvider (); byte[] Emailbytes =Encoding.UTF8.GetBytes (Stringtohash.tolower ()); byte[] Hashedemailbytes =Md5.computehash (emailbytes); StringBuilder SB=NewStringBuilder (); foreach(varBinchhashedemailbytes) {sb. Append (B.tostring ("X2").    ToLower ()); }    returnsb.　　ToString ();} After successful authentication, the user login information is stored as a cookie to the client by default and is valid for 60 minutes. UserData is set to the user's role, which is used when determining whether a user is logged in or not. As in the following code:if(HttpContext.Current.User.Identity.IsAuthenticated) {intAdminid =-1; FormsIdentity Identity=(formsidentity) HttpContext.Current.User.Identity; FormsAuthenticationTicket ticket=identity.    Ticket; stringUserData =ticket.    UserData; if(UserData = ="Admin")    {        //To do somethingThe code above works in Visual Studio! However, publishing the Web site to the server's IIS (which may be an earlier version of IIS, such as IIS6), the login feature is found to be abnormal. Enter the user name and password and click the login button, the page postback but does not jump correctly, try to manually access the protected page will automatically jump back to the login page. Even more oddly, this problem only appears on IE11 browsers, and trying to access the login function with Firefox or Chrome is working. The initial suspicion is a problem with IIS settings, but there is no cookie-related setting on IIS 6, as if you remember this setting on IIS 7.　　But because only IE 11 has the problem, you can negate any problems with the code itself. In addition, attempts to reduce the security level of IE 11, reinstall the. NET Framework on the server, and download the latest patches, etc., do not resolve the issue. It turns out that simply modifying the settings of the authentication node in Web. config is all you need to do, adding cookieless to forms="usecookies"property. <authentication mode="Forms"> <forms name="Myauth"cookieless="usecookies"Loginurl="manager/login.aspx"Defaulturl="manager/default.aspx"protection=" All"timeout=" -"/></authentication>used to explicitly tell the server to use cookies to save user authentication information. Problem Solving! 

IE11 the issue of unable to save cookies under ASP. NET Forms Authentication