问题
- Asp.Net MVC 3
- FormsAuthentication (custom)
- iPad MobileSafari
- iframe (same domain)
After struggling with formsTicket.UserData not working with MobileSafari (ONLY MoblieSafari), I found out, that httpContext.User.Identity.Ticket.UserData is empty (in MobileSafari, not the others) and the original FormsAuthentication HttpCookie contains the right values?!?
How can that be?!
Code:
public void UpdateContext()
{
if (httpContext.User.Identity is FormsIdentity)
{
// Get Forms Identity From Current User
FormsIdentity id = (FormsIdentity)httpContext.User.Identity;
// Create a custom Principal Instance and assign to Current User (with caching)
HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(FormsAuthentication.FormsCookieName);
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);
var cookieUserData = ticket.UserData; // not empty
var httpContextIdentiyUserData = id.Ticket.UserData; // empty!
...
}
}
Any clue would be helpful!
Lg
Warappa
PS: If it matters, I use a page of my website in an iframe - same domain.
回答1:
So the issue was the following:
This error arose when I logged out and accessed a page that did a history.back().
Looking at the traffic with Fiddler I saw, that Asp.Net used the cookieless authentication mode, so the authentication was encoded into the url. Now, when the history.back() occurred, the url pointed to the Logout url with the now invalid authentication information... nasty bug at my side.
Forcing Asp.Net to use cookies did the trick!
Lg
warappa
来源:https://stackoverflow.com/questions/6059972/formsauthentication-userdata-lost-but-in-cookie