c# – 在web.config的“authentication”中指定“domain”参数后

public void ProcessRequest(HttpContext context)
    {
        //// Sign out
        System.Web.Security.FormsAuthentication.SignOut();

        //// Clear Session
        if (context.Session != null)
        {
            context.Session.Clear();
        }

        /// Expire all the cookies so browser visits us as a brand new user
        List<string> cookiesToClear = new List<string>();
        foreach (string cookieName in context.Request.Cookies)
        {
            HttpCookie cookie = context.Request.Cookies[cookieName];
            cookiesToClear.Add(cookie.Name);
        }

        foreach (string name in cookiesToClear)
        {
            HttpCookie cookie = new HttpCookie(name,string.Empty);
            cookie.Expires = DateTime.Today.AddYears(-1);

            context.Response.Cookies.Set(cookie);
        }
        context.Response.Redirect("~/default.aspx");
    }
}

将“domain”参数添加到web.config的身份验证部分后：

<forms timeout="50000000" 
               loginUrl="~/login" 
               domain='mysite.com'/>

…它不再记录用户 – 在重定向到“?/ default.aspx”之后我仍然可以看到用户登录(我将断点添加到该页面的Load事件并检查HttpContext.Current.User. Identity.IsAuthenticated,它仍然= true).

然后我删除“domain =’mysite.com’”,它会毫无问题地记录用户.

我确实需要指定域,因为我添加了一个具有自己的应用程序的子域,但我希望它共享身份验证cookie.

任何想法都非常感谢！