2017-07-17

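Why is the cookie's expiration 'Session' when using Owin?

My web application is MVC5. I call the URL of an IdentityServer4 application to authenticate the user at login. Below is the ConfigureAuth method of the Startup class in my application: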

    public void ConfigureAuth(IAppBuilder app)
    {
        JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();

        var authority = LayeredConfiguration.GetValue("HydraInsuranceWeb-UserManagement-Authority");
        var redirectUri = LayeredConfiguration.GetValue("HydraInsuranceWeb-UserManagement-RedirectUri");

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = "Cookies",
            SlidingExpiration = false,
            ExpireTimeSpan = System.TimeSpan.FromMinutes(2),
            CookieName = "MyTestCookie"
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            Authority = authority,
            ClientId = AuthConstants.InsuranceWebClientId,
            Scope = "openid profile user.management hydra.eventhistory.api",
            RedirectUri = redirectUri,
            ResponseType = "code id_token",

            SignInAsAuthenticationType = "Cookies",
            UseTokenLifetime = false,

            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                SecurityTokenValidated = n =>
                {
                    try
                    {
                        var transformedHydraIdentity = new HydraIdentityBuilder(n.AuthenticationTicket.Identity)
                            .AllowSecurityAdmin()
                            .IncludeRoleProfiles()
                            .IncludeIdToken(n.ProtocolMessage.IdToken)
                            .IncludeStandardClaims()
                            .Build();

                        n.AuthenticationTicket = new Microsoft.Owin.Security.AuthenticationTicket(
                            transformedHydraIdentity,
                            n.AuthenticationTicket.Properties);
                    }
                    catch (Exception ex)
                    {
                        n.HandleResponse();
                        n.Response.Redirect("/Error/NoAuthorization");

                        DiagnosticService.Writer.AddError("Authentication Error", ex);
                    }

                    return Task.FromResult(0);
                },
            }
        });
    }

After logging in, the cookie's expiration is always "Session" instead of the current time plus 2 minutes.

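But my expectation is that the cookie's expiration is a specific date and time, which should be the current time plus 2 minutes. If the user is inactive for 2 minutes, redirect to the login page.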

Does anyone know about this issue? Please tell me how to investigate or debug to find out why the cookie's validity changes.

There are also 2 cookies: .AspNet.Cookies and MyTestCookie. Which cookie is used to authenticate the user?

You explicitly set the name of the authentication cookie to 'MyTestCookie', so that is your authentication cookie.

Answer

You need to set IsPersistent to True when signing in.

AuthenticationManager.SignIn(new AuthenticationProperties{ IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30)}, userIdentity); 