ASP.Net和JSP之间的SSO [英] SSO between ASP.Net and JSP

问题描述

我建立了一个 ASP.Net MVC 4 应用程序，它通过定义成员资格提供从简单的继承成员的方式使用窗体身份验证。

I built an ASP.Net MVC 4 application which uses forms authentication by means of a custom membership provider inheriting from the Simple Membership.

一切工作正常，但现在我有一个新的要求：我需要一个JSP应用程序与矿山整合

Everything is working fine, but now I have a new requirement: I need to integrate a JSP application with mine.

这意味着，它必须对我的应用程序相同的用户数据库进行身份验证，他们应该以某种方式共享会话，以实现两个应用程序之间的一种单点登录的（如果用户在ASP.Net应用程序已经通过身份验证，他应该可以无需再次登录，并反之亦然）来访问JSP应用程序。

This means that it has to authenticate against the same user database of my application and that they should somehow share the session in order to achieve a kind of Single Sign-On among the two applications (if an user is already authenticated in the ASP.Net application, he should be able to access the JSP application without logging in again, and vice-versa).

你建议我什么建筑用？

What architecture do you suggest me to use?

我想尽可能少的ASP.Net应用程序更改。

I would like to change as little as possible the ASP.Net application.

谢谢！

推荐答案

如果您需要auhtenticate翻过不同的域

If you need to auhtenticate accross different domains:

您可以实现自己的安全令牌服务（如Facebook，谷歌确实）下面是一些准备使用的实施：的 http://thinktecture.github.io/Thinktecture.IdentityServer.v2/

You can implement your own security token service (like facebook, google does) Here is some ready to use implementation: http://thinktecture.github.io/Thinktecture.IdentityServer.v2/

如果该站点上的相同的域（子）运行，然后你可以尝试这些领域内共享验证cookie。

If the sites are running on the same domain (subdomain), then you can try to share an authentication cookie within these domains.

这是解释文章：http://www.$c$cproject.com/Articles/106439/Single-Sign-On-SSO-for-cross-domain-ASP-NET-applic

这篇关于ASP.Net和JSP之间的SSO的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！