我做了一个新的MVC3应用程序,它托管在WinHost的基本计划上。登录用户在一段时间后注销
问题的要点是,应用程序池内存限制已达到,并且每个会话InProc都被删除,这意味着我的用户已注销。
按照他们的文档,我看到:
http://support.winhost.com/KB/a626/how-to-enable-aspnet-sql-server-session-on-your-web.aspx
这里是我的web.config的内容,按照上述建议的步骤后:
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=152368
-->
<configuration>
<connectionStrings>
<!-- REMOVED FOR PRIVACY -->
</connectionStrings>
<appSettings>
<add key="webpages:Version" value="1.0.0.0"/>
<add key="ClientValidationEnabled" value="true"/>
<add key="UnobtrusiveJavaScriptEnabled" value="true"/>
</appSettings>
<system.web>
<sessionState mode="SQLServer"
allowCustomSqlDatabase="true"
cookieless="false"
timeout="2880"
sqlConnectionString="data Source='tcp:s407.winhost.com';database='DB_41_xx';user id='DB_11_xx_user'; password='xx';" />
<trust level="Full"/>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Web.Helpers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Web.Mvc, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Web.WebPages, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</assemblies>
</compilation>
<authentication mode="Forms">
<forms loginUrl="~/" timeout="2880"/>
</authentication>
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/"/>
</providers>
</membership>
<profile>
<providers>
<clear/>
<add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
</providers>
</profile>
<roleManager enabled="false">
<providers>
<clear/>
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/"/>
<add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/"/>
</providers>
</roleManager>
<pages>
<namespaces>
<add namespace="System.Web.Helpers"/>
<add namespace="System.Web.Mvc"/>
<add namespace="System.Web.Mvc.Ajax"/>
<add namespace="System.Web.Mvc.Html"/>
<add namespace="System.Web.Routing"/>
<add namespace="System.Web.WebPages"/>
</namespaces>
</pages>
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-2.0.0.0" newVersion="3.0.0.0"/>
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral"/>
<bindingRedirect oldVersion="0.0.0.0-4.0.8.0" newVersion="4.0.8.0"/>
</dependentAssembly>
</assemblyBinding>
</runtime>
</configuration>
这里躺着的问题:
我的用户在一段时间后仍然记录在案。我认为使用SQL进行会话可以防止这个问题。
这里的代码对我怎样我的洛用户的相关位:
[HttpPost]
public ActionResult Login(LogOnModel model)
{
using (EfAccountRepository accountRepository = new EfAccountRepository())
{
if (accountRepository.ValidateCredentials(model.Email, model.Password))
{
FormsAuthentication.SetAuthCookie(model.Email, true);
return RedirectToAction("Index", "Home");
}
}
ModelState.AddModelError("", "Your email or password is incorrect.");
return View(model);
}
,这里是一些代码,我用它来看看用户是否登录:
public static MvcHtmlString AdminDashboardLink()
{
if (SecurityHelpers.UserIsPartOfCompany(HttpContext.Current))
{
string html = "<li><a href='/Admin'>ADMIN DASHBOARD</a></li>";
return new MvcHtmlString(html);
}
else
{
return new MvcHtmlString("");
}
}
public static bool UserIsPartOfCompany(HttpContext context)
{
if (!context.Request.IsAuthenticated)
return false;
using (EfAccountRepository accountRepository = new EfAccountRepository())
{
var loggedInUser = accountRepository.FindByEmail(context.User.Identity.Name);
string[] userRoles = accountRepository.GetRolesForUser(loggedInUser.AccountId);
return userRoles.Contains("Editor") || userRoles.Contains("Finance") || userRoles.Contains("Administrator");
}
}
有什么建议吗?也许我的web.config是拙劣的,这是导致问题。在我添加会话信息后,也许我还需要删除某些内容?
运行相同的浏览器会话时,您将看到用户注销发生? – 2012-03-16 01:58:55
是的,我打开Firefox,登录到网站(托管在Winhost上)。在同一个网站上玩一会儿,几分钟后(有时候几秒钟后),我就注销了。 – 2012-03-16 02:08:32
当一个asp.net应用程序池回收时,这将是空/空吗? 'context.Request.IsAuthenticated'?如果是这样,这可能是导致问题的原因。如果我切换到SQL会话,我是否需要修改检查用户是否登录的方式? – 2012-03-16 02:10:32