单点登陆,多子域名共享问题? 解决了另外再给150分
www.xxx.com站点登陆,其他如my.xxx.com站可以读取到身份验证信息,试了一上午没有解决.
身份验证使用了角色权限,各站点web.config配置如下:
<forms name="CookieName" loginUrl="/login.aspx" cookieless="UseDeviceProfile" timeout="40" path="/" protection="All" domain="xxx.com"/>
</authentication>
<machineKey validationKey="C681609AB79382991BFEC556E59228F8A27E7D6F554F5A4B4A96D1B823C0C971E930321CA36EA64C648FEE7E7496249AD1856B9510E4D28491C5AC9512A3157C" decryptionKey="671782EA4F2C97D843373BAF2305C113A48FF2C35DA7675C" decryption="3DES" validation="SHA1"/>
登陆验证:
public static void Signin(string UserID, int role)
{
string aRole = "guest";
if( role == 1 )
aRole = "User"; //会员角色一
if( role == 2 )
aRole = "User2"; //会员角色二
if( role == 3 )
aRole = "User3"; //会员角色三
FormsAuthenticationTicket myTicket = new FormsAuthenticationTicket(1, UserID, DateTime.Now, DateTime.Now.AddMinutes(60), false, aRole, FormsAuthentication.FormsCookiePath);
//加密
string encrypt = FormsAuthentication.Encrypt(myTicket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypt);
System.Web.HttpContext.Current.Response.Cookies.Add(cookie);
}