Invalid value for encryptedTicket parameter

离开以前 2021-02-20 10:34

I recently modified the login for my company's eComm site to have a "Keep me logged in" feature. The primary change was to make the forms authentication cookie persistent for

4 answers
  •  时光取名叫无心
    2021-02-20 11:11

    What I found out is that for some reason the cookie can get an inconsistent value. For us it was only some users, in some situations.

    Better than raising an error, I just propose to log the user out in case of the ArgumentException. It doesn't explain the "why", is not completely satisfying (in some ways the "remember me" won't work for some users...) but at least it may keep a normal behavior for the user.

    In global.asax:

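        // Requires: using System; using System.Web; using System.Web.Security;
        protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
        {
            HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];

            if (authCookie != null)
            {
                try
                {
                    // Decrypt throws ArgumentException when the cookie value is empty,
                    // longer than 4096 characters, or not a valid encrypted ticket.
                    var authTicket = FormsAuthentication.Decrypt(authCookie.Value);

                    //...
                    //setting user properties with cookie...
                    //...
                }
                catch (ArgumentException)
                {
                    // Unusable cookie: expire it and send the user back to the home page.
                    FormsAuthentication.SignOut();
                    Response.Redirect("/");
                }
            }
        }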
    

    Not even sure the redirect is needed (would have to check).

    Hope this helps
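
The answer above notes that signing the user out does not explain the "why". As an added example (not part of the answer; `AuthCookieReader`, `TryRead` and `ReadOrSignOut` are hypothetical names), this helper records which rejection case occurred before signing out, so rejected cookies can be counted and investigated from the logs:

```csharp
using System;
using System.Web;
using System.Web.Security;

// Added example: hypothetical helper, not code from the answer above.
public static class AuthCookieReader
{
    // Returns the ticket, or null when the cookie is absent or unusable.
    // 'reason' stays null for anonymous requests and names the failure otherwise.
    public static FormsAuthenticationTicket TryRead(HttpRequest request, out string reason)
    {
        reason = null;
        HttpCookie cookie = request.Cookies[FormsAuthentication.FormsCookieName];
        if (cookie == null) return null;   // no cookie: anonymous request, not an error

        string value = cookie.Value;
        if (string.IsNullOrEmpty(value)) { reason = "empty"; return null; }
        if (value.Length > 4096) { reason = "too-long"; return null; }   // documented Decrypt limit

        try
        {
            FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(value);
            if (ticket == null) { reason = "null-ticket"; return null; }   // defensive check
            if (ticket.Expired) { reason = "expired"; return null; }
            return ticket;
        }
        catch (ArgumentException)
        {
            // "Invalid value for 'encryptedTicket' parameter": malformed or undecryptable.
            reason = "invalid-format";
            return null;
        }
    }

    // Call from Application_PostAuthenticateRequest in Global.asax.
    public static FormsAuthenticationTicket ReadOrSignOut(HttpContext context)
    {
        string reason;
        FormsAuthenticationTicket ticket = TryRead(context.Request, out reason);
        if (ticket == null && reason != null)
        {
            // Log the reason and the client address, never the cookie value itself.
            System.Diagnostics.Trace.TraceWarning("Forms auth cookie rejected: reason={0} ip={1}",
                reason, context.Request.UserHostAddress);
            FormsAuthentication.SignOut();   // expire the unusable cookie
        }
        return ticket;
    }
}
```

A null return means the request continues as anonymous; whether to redirect afterwards is left to the caller.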
