在经典的ASP中集成来自ASP.NET的FormsAuthentication [英] Integrating FormsAuthentication from asp.net in classic asp
问题描述
最近,我受命在两个域不同的网站之间创建一个单一登录.一个在ASP.NET下运行,另一个在经典ASP下运行.由于我对ASP.NET的经验很少(我是Java爱好者),对ASP的零经验(过时了,我对此非常讨厌),因此遇到了很多困难.第一个是:如何将来自ASP.NET网站的身份验证cookie传递给ASP网站?
Recently i have been tasked with creating a single sign on between two web sites, wuth different domains. One runs under ASP.NET and the other under classic ASP. Since i have very little experience with ASP.NET (i'm a Java enthusiast) and ZERO experience in ASP (plus is dated and i hate it for that), i'm encountering a lot of difficulties. The first one being: how to pass the authentication cookie coming from the ASP.NET web to the ASP web?
我找到了这篇文章,似乎可以准确地描述我的需求:
I found this article, wich seems to describe exactly what i need:
But the problem is that it assumes a lot of previous knowledge on web development with the tools it uses (for instance, COM interoperability wrappers, API's and such ), and it's getting really hard to figure something out of it. However, i like the core idea of extracting the FormsAuthentication utilities and using them in legacy ASP.
因此,我需要一些指南来实现上面的链接中所述的内容,以便至少创建一个功能测试(具有功能含义,我可以从虚拟ASP.NET网站发送cookie中的凭据并接收该cookie.(以经典的ASP形式)或其他替代方法来在这两个站点之间实现单一登录.
So what i need is some guideline to achieve what is described in the link above in order to create at least a functional test (with functional meaning i can send credentials in a cookie from a dummy ASP.NET web and receive the cookie in a classic ASP form), or some alternative method to implement a single sign on between these two sites.
要注意的一件事是我无法通过通配符映射来执行此操作,因为我无法访问IIS配置.
One important thing to note is that i cannot do this via wildcard mappings because i have no access to IIS configuration.
推荐答案
您将永远无法将从一个域接收的身份验证cookie发送到另一个域的网站.浏览器相同来源政策将阻止这种情况.
You will never be able to send authentication cookies received from one domain to a web site on another domain. The browsers same origin policy will prevent this.
要使其工作,您需要研究一个单一登录(SSO)解决方案,其中两个Web应用程序都从同一安全令牌服务(
To make this work, you want to look into a Single Sign On (SSO) solution where both web applications get their authentication cookies from the same Security Token Service (STS).
这对于ASP.NET来说很容易.查看 System.IdentityModel 名称空间.我不知道这是否也适用于经典ASP.
This is easy for ASP.NET. Look into the System.IdentityModel namespace. I have no clue if this is also available for classic ASP.
祝你好运.
这篇关于在经典的ASP中集成来自ASP.NET的FormsAuthentication的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
