浏览 3098 次
|
精华帖 (0) :: 良好帖 (0) :: 新手帖 (0) :: 隐藏帖 (0)
|
|
|---|---|
| 作者 | 正文 |
|
发表时间:2008-07-01
遇到一个问题:Web.Config中设置的Sestion timeout不起作用,设置的timeout时间到期后,Global.asax中的Session_End能够被调用,但在此事件处理函数中,Context总是为null,这样就没有办法利用Context退出登录。
原因如下: 引用 The Session_End event fires when the browser isn't connected to the server -- so there really isn't anyway to clear out the authentication ticket (since that is stored on the client). What I'd recommend doing instead is changing the timeout duration of the forms-authentication ticket to be 15 minutes. That way you can avoid having to add a session_end event at all -- and just rely on the browser cookie timing out to force another login. Q: Do I have a valid HttpContext in Session_End? A: No, because this event is not associated with any request. 推荐用forms-authentication timeout,在Web.Config中配置如下:
<system.web>
<authentication mode="Forms">
<forms timeout="50000000"/>
</authentication>
</system.web>
声明:ITeye文章版权属于作者,受法律保护。没有作者书面许可不得转载。
推荐链接
|
| 返回顶楼 | |
