zydronium/websitepanel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

http://websitepanel.codeplex.com/workitem/286

Browse source 
Was caused when recyclying the enterprise server. Encrypted session get got a
lenght of 24 which resulted into a loop and finally a 500 error.

When encrypted sessionid does not match, session is logged off and redirected to
default page and encrypted session key restored.
This commit is contained in:
robvde 2012-07-17 21:34:44 +04:00
parent 702084c672
commit 93c14b77e9
2 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
WebsitePanel/Sources/WebsitePanel.WebPortal/Code/SecureSessionModule.cs
View file

@ -72,6 +72,8 @@ namespace WebsitePanel.WebPortal
{
FormsAuthentication.SignOut();
HttpContext.Current.Response.Redirect(DefaultPage.GetPageUrl(PortalConfiguration.SiteSettings["DefaultPage"]));
cookie.Value = GetSessionIDMac(cookie.Value, request.UserHostAddress, request.UserAgent, _ValidationKey);
return;
}
// Separate the session ID and the MAC
@ -87,6 +89,8 @@ namespace WebsitePanel.WebPortal
{
FormsAuthentication.SignOut();
HttpContext.Current.Response.Redirect(DefaultPage.GetPageUrl(PortalConfiguration.SiteSettings["DefaultPage"]));
cookie.Value = GetSessionIDMac(cookie.Value, request.UserHostAddress, request.UserAgent, _ValidationKey);
}
// Strip the MAC from the cookie before ASP.NET sees it