FormsAuthentication.RequireSSL 属性


获取一个值,指示 Forms 身份验证 Cookie 是否需要 SSL 以返回到服务器。Gets a value indicating whether the forms-authentication cookie requires SSL in order to be returned to the server.

 static property bool RequireSSL { bool get(); };
public static bool RequireSSL { get; }
member this.RequireSSL : bool
Public Shared ReadOnly Property RequireSSL As Boolean



如果将 Forms 身份验证 Cookie 返回到服务器需要 SSL,则为 true;否则为 falsetrue if SSL is required to return the forms-authentication cookie to the server; otherwise, false. 默认为 falseThe default is false.


下面的代码示例在 requireSSL Web.config 文件中设置特性。The following code example sets the requireSSL attribute in the Web.config file.

<authentication mode="Forms">
  <forms loginUrl="member_login.aspx"
    path="/MyApplication" />


RequireSSL属性值是在 ASP.NET 应用程序的配置文件中使用 requireSSL forms配置元素的属性设置的。The RequireSSL property value is set in the configuration file for an ASP.NET application by using the requireSSL attribute of the forms configuration element. 你可以在 ASP.NET 应用程序的 Web.config 文件中指定 SSL (安全套接字层) 是否需要通过设置属性将 forms 身份验证 cookie 返回到服务器 requireSSLYou can specify in the Web.config file for your ASP.NET application whether SSL (Secure Sockets Layer) is required to return the forms-authentication cookie to the server by setting the requireSSL attribute . 有关详细信息,请参阅 SecureFor more information, see Secure.

如果你将配置 requireSSLfalse ,则还可以将配置 slidingExpirationfalse ,以减少票证有效的时间量。It is recommended that if you configure requireSSL as false, you also configure slidingExpiration as false, to reduce the amount of time for which a ticket is valid.