最近因为需要,使用了Form验证,因为是在本机做测试,所以form验证后生成的cookie的domain都是写在localhost名下。
但我尝试使用http://192.168.1.33/decrpt.aspx(我本机的ip)页面来对加密的FormsAuthenticationTicket进行解密时,却报出了“填充无效,无法被移除”的错误。经过多次测试,发现如果使用http://localhost/decrpt.aspx解码,则一切正常。看来使用form验证加密后的ticket,解密时必须要保持域的一致。
加密代码:
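// Issue the forms-authentication cookie for strUserName (assumed to be already
// validated by the caller) plus a companion "ax" cookie carrying the id of the
// login record written by lg.insertAuth. Uses strUserName, lg, intAuthId,
// Session, Request and Context from the enclosing page.
FormsAuthentication.SetAuthCookie(strUserName, true); // forms authentication: set the cookie

// One timestamp shared by the audit row, the ticket and the cookie lifetimes so they agree.
DateTime strDateTimeNow = DateTime.Now;
string strGUID = System.Guid.NewGuid().ToString();
string strSsid = Session.SessionID;

// HTTP_X_FORWARDED_FOR is a request header and therefore client-supplied unless a
// trusted proxy overwrites it; it is recorded here for auditing only and must not be
// used for access decisions. With several proxies it is a comma-separated list whose
// first entry is the original client, so keep only that entry.
string IP = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
if (!string.IsNullOrEmpty(IP))
{
    IP = IP.Split(',')[0].Trim();
}
if (string.IsNullOrEmpty(IP))
{
    // No proxy header: take the directly connected address. Behind a proxy this is
    // the last proxy's address, not the user's.
    IP = Request.ServerVariables["REMOTE_ADDR"];
}
// The value is embedded in a '|'-delimited ticket payload below, so accept only a
// syntactically valid IP address rather than arbitrary header text.
System.Net.IPAddress parsedIp;
if (IP == null || !System.Net.IPAddress.TryParse(IP, out parsedIp))
{
    IP = string.Empty;
}

bool authRecorded = true;
try
{
    intAuthId = lg.insertAuth(strUserName, strGUID, strSsid, IP, strDateTimeNow);
}
catch (Exception)
{
    // Best effort: a failed audit insert must not block the login, but then there is
    // no record id worth handing out, so the "ax" cookie is withheld below.
    authRecorded = false;
}

// NOTE(review): the ticket expires after 20 minutes while the cookie is kept for
// 15 days; once the ticket has expired the persisted cookie is rejected anyway, so
// the two lifetimes should probably agree — kept as in the original.
DateTime ticketExpires = strDateTimeNow.AddMinutes(20);
string userData = string.Join("|", new string[] { strUserName, strGUID, strSsid, IP, strDateTimeNow.ToString() });
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
    1,
    FormsAuthentication.FormsCookieName,
    strDateTimeNow,
    ticketExpires,
    false,
    userData); // create the ticket
string encticket = FormsAuthentication.Encrypt(ticket); // encrypted ticket string

// NOTE(review): SetAuthCookie above already queued a cookie with this name; browsers
// generally keep the later Set-Cookie, but Response.Cookies.Set(ck) would replace it
// explicitly — confirm whether the SetAuthCookie call is still needed.
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, encticket);
DateTime cookieExpires = strDateTimeNow.AddDays(15); // the original comment said "2 weeks"; the value used is 15 days
ck.Expires = cookieExpires;
// The framework's own auth cookie is HttpOnly; the hand-built replacement should be
// too, so page script cannot read the ticket. Drop this only if client script must
// read the cookie (which would expose the ticket to any script injection).
ck.HttpOnly = true;
ck.Secure = Request.IsSecureConnection; // mark Secure only on HTTPS so local http testing keeps working
Context.Response.Cookies.Add(ck); // emit the cookie

if (authRecorded)
{
    // The "ax" cookie is just base64 of the record id: neither encrypted nor signed,
    // so the server must treat it as a hint to be re-checked against the ticket,
    // never as proof of anything.
    byte[] bt = System.Text.Encoding.UTF8.GetBytes(intAuthId.ToString());
    HttpCookie ckAuthId = new HttpCookie("ax", Convert.ToBase64String(bt));
    ckAuthId.Expires = cookieExpires;
    ckAuthId.HttpOnly = true;
    ckAuthId.Secure = Request.IsSecureConnection;
    Context.Response.Cookies.Add(ckAuthId);
}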
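// Issue the forms-authentication cookie for strUserName (assumed to be already
// validated by the caller) plus a companion "ax" cookie carrying the id of the
// login record written by lg.insertAuth. Uses strUserName, lg, intAuthId,
// Session, Request and Context from the enclosing page.

// One timestamp shared by the audit row, the ticket and the cookie lifetimes so they agree.
DateTime strDateTimeNow = DateTime.Now;
string strGUID = System.Guid.NewGuid().ToString();
string strSsid = Session.SessionID;

// HTTP_X_FORWARDED_FOR is a request header and therefore client-supplied unless a
// trusted proxy overwrites it; it is recorded here for auditing only and must not be
// used for access decisions. With several proxies it is a comma-separated list whose
// first entry is the original client, so keep only that entry.
string IP = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
if (!string.IsNullOrEmpty(IP))
{
    IP = IP.Split(',')[0].Trim();
}
if (string.IsNullOrEmpty(IP))
{
    // No proxy header: take the directly connected address. Behind a proxy this is
    // the last proxy's address, not the user's.
    IP = Request.ServerVariables["REMOTE_ADDR"];
}
// The value is embedded in a '|'-delimited ticket payload below, so accept only a
// syntactically valid IP address rather than arbitrary header text.
System.Net.IPAddress parsedIp;
if (IP == null || !System.Net.IPAddress.TryParse(IP, out parsedIp))
{
    IP = string.Empty;
}

bool authRecorded = true;
try
{
    intAuthId = lg.insertAuth(strUserName, strGUID, strSsid, IP, strDateTimeNow);
}
catch (Exception)
{
    // Best effort: a failed audit insert must not block the login, but then there is
    // no record id worth handing out, so the "ax" cookie is withheld below.
    authRecorded = false;
}

// NOTE(review): the ticket expires after 20 minutes while the cookie is kept for
// 15 days; once the ticket has expired the persisted cookie is rejected anyway, so
// the two lifetimes should probably agree — kept as in the original.
DateTime ticketExpires = strDateTimeNow.AddMinutes(20);
string userData = string.Join("|", new string[] { strUserName, strGUID, strSsid, IP, strDateTimeNow.ToString() });
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
    1,
    FormsAuthentication.FormsCookieName,
    strDateTimeNow,
    ticketExpires,
    false,
    userData); // create the ticket
string encticket = FormsAuthentication.Encrypt(ticket); // encrypted ticket string

// NOTE(review): if an earlier SetAuthCookie call already queued a cookie with this
// name, browsers generally keep the later Set-Cookie, but Response.Cookies.Set(ck)
// would replace it explicitly — confirm which one is intended to win.
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, encticket);
DateTime cookieExpires = strDateTimeNow.AddDays(15); // the original comment said "2 weeks"; the value used is 15 days
ck.Expires = cookieExpires;
// The framework's own auth cookie is HttpOnly; the hand-built replacement should be
// too, so page script cannot read the ticket. Drop this only if client script must
// read the cookie (which would expose the ticket to any script injection).
ck.HttpOnly = true;
ck.Secure = Request.IsSecureConnection; // mark Secure only on HTTPS so local http testing keeps working
Context.Response.Cookies.Add(ck); // emit the cookie

if (authRecorded)
{
    // The "ax" cookie is just base64 of the record id: neither encrypted nor signed,
    // so the server must treat it as a hint to be re-checked against the ticket,
    // never as proof of anything.
    byte[] bt = System.Text.Encoding.UTF8.GetBytes(intAuthId.ToString());
    HttpCookie ckAuthId = new HttpCookie("ax", Convert.ToBase64String(bt));
    ckAuthId.Expires = cookieExpires;
    ckAuthId.HttpOnly = true;
    ckAuthId.Secure = Request.IsSecureConnection;
    Context.Response.Cookies.Add(ckAuthId);
}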
解密代码:
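// Decrypt the forms-authentication ticket passed in the "p" query-string parameter
// (its first '|'-separated field). Any failure answers with status 4 and the login
// URL through toxml, which ends the response.
// NOTE(review): a ticket carried in the URL ends up in server logs, proxy logs and
// Referer headers; a cookie or POST body would be the safer transport.
FormsAuthenticationTicket ticke = null;
string p = Request.QueryString["p"];
if (string.IsNullOrEmpty(p))
{
    // Missing parameter: previously this threw a NullReferenceException on Split;
    // treat it like an undecryptable ticket instead.
    toxml("<f><status>4</status><url>http://192.168.1.3/login.aspx</url></f>");
}
string[] parr = (p ?? string.Empty).Split(new char[] { '|' });
try
{
    ticke = FormsAuthentication.Decrypt(parr[0]);
}
catch (Exception)
{
    // Decryption failed — e.g. the "invalid padding" error the post describes when
    // the ticket was issued under a different host, or a tampered/truncated value.
    toxml("<f><status>4</status><url>http://192.168.1.3/login.aspx</url></f>");
}
// Decrypt() also returns expired tickets; callers must still check ticke.Expired
// before trusting the payload.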
/// <summary>
/// Writes <paramref name="strcontent"/> to the response as a UTF-8 XML document,
/// prefixed with the XML declaration, and ends the response.
/// </summary>
/// <param name="strcontent">XML body written verbatim; the caller is responsible for
/// escaping any untrusted text it embeds.</param>
private void toxml(string strcontent)
{
    const string xmlDeclaration = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
    HttpResponse response = Response;
    response.Charset = "UTF-8";
    response.ContentEncoding = System.Text.Encoding.UTF8;
    response.ContentType = "text/xml";
    response.Clear();
    response.Write(xmlDeclaration + strcontent);
    response.End(); // stops further processing of the request
}
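// Decrypt the forms-authentication ticket passed in the "p" query-string parameter
// (its first '|'-separated field) into the already-declared ticke. Any failure
// answers with status 4 and the login URL through toxml, which ends the response.
// NOTE(review): a ticket carried in the URL ends up in server logs, proxy logs and
// Referer headers; a cookie or POST body would be the safer transport.
string p = Request.QueryString["p"];
if (string.IsNullOrEmpty(p))
{
    // Missing parameter: previously this threw a NullReferenceException on Split;
    // treat it like an undecryptable ticket instead.
    toxml("<f><status>4</status><url>http://192.168.1.3/login.aspx</url></f>");
}
string[] parr = (p ?? string.Empty).Split(new char[] { '|' });
try
{
    ticke = FormsAuthentication.Decrypt(parr[0]);
}
catch (Exception)
{
    // Decryption failed — e.g. the "invalid padding" error the post describes when
    // the ticket was issued under a different host, or a tampered/truncated value.
    toxml("<f><status>4</status><url>http://192.168.1.3/login.aspx</url></f>");
}
// Decrypt() also returns expired tickets; callers must still check ticke.Expired
// before trusting the payload.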
/// <summary>
/// Writes <paramref name="strcontent"/> to the response as a UTF-8 XML document,
/// prefixed with the XML declaration, and ends the response.
/// </summary>
/// <param name="strcontent">XML body written verbatim; the caller is responsible for
/// escaping any untrusted text it embeds.</param>
private void toxml(string strcontent)
{
    const string xmlDeclaration = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>\n";
    HttpResponse response = Response;
    response.Charset = "UTF-8";
    response.ContentEncoding = System.Text.Encoding.UTF8;
    response.ContentType = "text/xml";
    response.Clear();
    response.Write(xmlDeclaration + strcontent);
    response.End(); // stops further processing of the request
}