为了测试,我在qingweb.com下创建了两个二级域名:website1.qingweb.com website2.qingweb.com
website1下有1个web.config,设置验证方式为:
<authentication mode="Forms">
<forms loginUrl="~/Login.aspx" name="testpass" domain=".qingweb.com" cookieless="UseCookies">
</forms>
</authentication>
传说中,domain=".qingweb.com" 是可以设置cookies的域的,但似乎没有效果。那么我们就在程序中动态设置吧:
string userID = "testuser";
string priv = "testpriv";
System.Web.Security.FormsAuthenticationTicket ticket = new System.Web.Security.FormsAuthenticationTicket(1, userID, System.DateTime.Now,
System.DateTime.Now.AddDays(1), true, priv, System.Web.Security.FormsAuthentication.FormsCookiePath);
string Savecookies = System.Web.Security.FormsAuthentication.Encrypt(ticket);
HttpCookie cook = new System.Web.HttpCookie(FormsAuthentication.FormsCookieName, Savecookies);
cook.Domain = ".qingweb.com";//就是这句话
cook.Expires = ticket.Expiration;
System.Web.HttpContext.Current.Response.Cookies.Add(cook);
Response.Redirect("http://website2.qingweb.com");
现在转向到website2,打印票据的登录用户名:
Response.Write(User.Identity.Name);
成功输出:testuser
OK,搞定