Shulou(Shulou.com)06/03 Report--

This article mainly explains "how to solve the problem that Forms authentication can not save Cookie under IE11". Interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Let the editor take you to learn "how to solve the problem that Forms authentication cannot save Cookie under IE11".

Common practices for using Forms authentication in ASP.NET are as follows:

1. Add an authentication node to the Web.config under the root of the website

The copy code is as follows:

two。 Add the Web.config file in the manager subdirectory and add the following:

The copy code is as follows:

In this way, users who visit any page under the manager subdirectory without Forms authentication will automatically jump to the manager/Login.aspx page. If the authentication is successful, it will return to the manager/default.aspx page by default. The certification is valid for 60 minutes.

3. Add the authentication code. Add the following code to the login button:

The copy code is as follows:

If (! snCheckCode.CheckSN (txt_ValidateCode.Text))

{

SnCheckCode.Create ()

Utility.ShowMessage ("check code error!")

Return

}

String strUserName = txt_Username.Text.Trim ()

String md5Pwd = Helper.MD5ForPHP (Helper.MD5ForPHP (txt_Password.Text))

Lc_admin admin = null

Bool logined = false

Using (var context = new dbEntities ())

{

Admin = context.tb_admin.Where (n = > n.username = = strUserName) .FirstOrDefault

If (admin! = null)

{

If (admin.checkadmin! = "true")

{

SnCheckCode.Create ()

Utility.ShowMessage ("Sorry, this account is prohibited!")

Return

}

If (admin.password = = md5Pwd)

{

/ / Update Admin Info

Admin.loginip = Request.UserHostAddress.ToString ()

Admin.logintime = CndingUtility.DateTimeToUnixTimeStamp (DateTime.Now)

Context.SaveChanges ()

Logined = true

}

}

}

If (logined)

{

/ / Login

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket (

one,

Admin.id.ToString ()

DateTime.Now

DateTime.Now.AddMinutes (60)

False

"Admin"

FormsAuthentication.FormsCookiePath

);

String hashTicket = FormsAuthentication.Encrypt (ticket)

HttpCookie userCookie = new HttpCookie (FormsAuthentication.FormsCookieName, hashTicket)

HttpContext.Current.Response.Cookies.Add (userCookie)

If (Request ["ReturnUrl"]! = null)

{

Response.Redirect (HttpUtility.HtmlDecode (Request ["ReturnUrl"]))

}

Else

{

Response.Redirect ("/ manager/default.aspx")

}

}

Else

{

SnCheckCode.Create ()

CndingUtility.ShowMessage ("incorrect username or password!")

}

MD5 encryption Code:

The copy code is as follows:

Public static string MD5ForPHP (string stringToHash)

{

Var md5 = new System.Security.Cryptography.MD5CryptoServiceProvider ()

Byte [] emailBytes = Encoding.UTF8.GetBytes (stringToHash.ToLower ())

Byte [] hashedEmailBytes = md5.ComputeHash (emailBytes)

StringBuilder sb = new StringBuilder ()

Foreach (var b in hashedEmailBytes)

{

Sb.Append (b.ToString ("x2") .ToLower ()

}

Return sb.ToString ()

}

After successful authentication, the user's login information is stored to the client in the form of Cookie by default, with a validity period of 60 minutes. UserData is set to the role of the user and is used to determine whether the user is logged in. Such as the following code:

The copy code is as follows:

If (HttpContext.Current.User.Identity.IsAuthenticated)

{

Int adminId =-1

FormsIdentity identity = (FormsIdentity) HttpContext.Current.User.Identity

FormsAuthenticationTicket ticket = identity.Ticket

String userData = ticket.UserData

If (userData = = "Admin")

{

/ / To do something

}

}

The above code works fine in Visual Studio! However, after publishing the Web site to the server's IIS (which may be an earlier version of IIS, such as IIS 6), the login function is found to be abnormal. Enter the user name and password and click the login button, but the page postback does not jump correctly. Trying to access the protected page manually will automatically jump back to the login page. What's even weirder is that the problem only occurs on IE11 browsers, and trying to access the login function with Firefox or Chrome works fine. The initial suspicion is that there is a problem with the IIS setting, but there is no Cookie-related setting on IIS 6. I seem to remember that this setting is on IIS 7. But because only IE 11 has this problem, you can deny any problem with the code itself.

In addition, attempts to lower the security level of IE 11, reinstall. Net framework on the server, download the latest patches, and so on, did not solve the problem. Later, it turns out that you only need to simply modify the setting of the authentication node in Web.config and add the cookieless= "UseCookies" attribute to forms.

The copy code is as follows:

Used to explicitly tell the server to use Cookie to save user authentication information.

At this point, I believe you have a deeper understanding of "how to solve the problem that Forms authentication cannot save Cookie under IE11". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.