问题
I created custom membership provider for asp.net mvc applications and it all works fine except one thing:
when logged in to my application, I am also logged in to all other asp.net mvc applications that I run using Visual Studio. I suppose this data is being pulled from cache because when I logout and try to login again in other application, I'm being rejected.
In webconfig, I added applicationName in order to solve this but it didn't work:
<membership defaultProvider="SAMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add
name="SAMembershipProvider"
type="ShinyAnt.Membership.SAMembershipProvider, ShinyAnt"
connectionStringName ="ShinyAntConnectionString"
applicationName="MyApp"
/>
</providers>
</membership>
<roleManager defaultProvider="SARoleProvider" enabled="true" cacheRolesInCookie="true">
<providers>
<clear/>
<add
name="SARoleProvider"
type="ShinyAnt.Membership.SARoleProvider"
connectionStringName ="ShinyAntConnectionString"
applicationName="MyApp"
/>
</providers>
</roleManager>
Is there any method that I forgot to implement that is dealing with this problem or it is something else?
回答1:
It's probably a bit late for you, but maybe other people reaching this page may find this useful.
By default, forms authentication uses a browser cookie to save your authentication state, and they are scoped (and restricted) to a (sub)domain level (probably http://localhost/ in your case?).
This means that every application running under the 'localhost' domain root ( http://localhost/App1, http://localhost/App2) has access to the same authentication cookies.
you might be able to work around this issue by specifying a different cookie name per application in the web.config:
<authentication mode="Forms">
<forms name="[cookie name]"></forms>
</authentication>
Hope this helps...
来源:https://stackoverflow.com/questions/2919047/asp-net-mvc-custom-membership-provider-strict-login-cache-to-one-application