二级域名之间共享Cookie,很重要的一点就是配置,如下:
domain设置为.,如果你的域名是,,那么请设置你的domain为.
path设置为/
<authentication mode="Forms">
<forms name="DQ.AUTH" loginUrl="/Login/Index" protection="All" domain="." timeout="43200" path="/" requireSSL="false" slidingExpiration="true" />
</authentication>
第二重点的就是登陆时候Cookie设置,
不要忘记使用之前配置的东西来设置 Cookie(FormsAuthentication.FormsCookiePath,FormsAuthentication.CookieDomain)
public virtual void SignIn(Customer customer, bool createPersistentCookie){var now = DateTime.UtcNow.ToLocalTime();var userdata = JsonConvert.SerializeObject(new SimpleUser { Name = _customerSettings.UsernamesEnabled ? customer.Username : customer.Email, ID = customer.CustomerGuid });var ticket = new FormsAuthenticationTicket(1 /*version*/,_customerSettings.UsernamesEnabled ? customer.Username : customer.Email,now,now.Add(_expirationTimeSpan),createPersistentCookie,userdata,FormsAuthentication.FormsCookiePath);var encryptedTicket = FormsAuthentication.Encrypt(ticket);var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);cookie.HttpOnly = true;if (ticket.IsPersistent){cookie.Expires = ticket.Expiration;}cookie.Secure = FormsAuthentication.RequireSSL;cookie.Path = FormsAuthentication.FormsCookiePath;if (FormsAuthentication.CookieDomain != null){cookie.Domain = FormsAuthentication.CookieDomain;}_httpContext.Response.Cookies.Add(cookie);_cachedCustomer = customer;}