问题
I have an MVC 2.0 application that requires a persistent login(if chosen) using forms authentication which is load balanced between two servers.
my webconfig(on both servers) looks like so:
<authentication mode="Forms">
<forms name="MA_AuthCookie" loginUrl="~/Account/LogOn" timeout="86400" protection="All" path="/" slidingExpiration="false"/>
</authentication>
<machineKey validationKey="*************180C6E1FD3E9338B78ACD83CA0A99F27B985AF97871BDBA43E1426DB8FA82F811779BFB779D1E90EB9BCCDE71D3F0458392736B17D3"
decryptionKey="*****************D72F47EF06B1F594CAAF1BEA311555A9D8E8"
validation="SHA1"
decryption="AES" />
timeout is set for 60 days and i am using the following script to set the cookie on login.
FormsAuthentication.SetAuthCookie(userName, true);
All works great or so it seems across both servers until i come back an hour or so later with no activity and my auth cookie is gone. I am not sure this has something to do with the worker process on either load balanced server for the application because i can go directly to one of the servers, login and my login is persisted as it should be. Also, through my findings the fact that i am setting a machine validation key is supposed to get around the issue and recreation of keys when the worker process runs. There must be something i am missing. If anyone can point me in the right direction it would be very appreciated.
Thanks, Billy
回答1:
Looks like i failed to realize the obvious. Although it seemed as though the login would persist when closing the browser down sometimes and sometimes not the setting to expire cookies at the end of the session was checked on my firefox browser. All is good after making that change.
来源:https://stackoverflow.com/questions/5488008/forms-authentication-persistent-across-multiple-servers