窗体身份验证在Windows Azure Silverlight应用程序 [英] Forms Authentication for a Silverlight application in Windows Azure
问题描述
我迁移n层Silverlight应用程序到Windows Azure和我撞了南墙。当我登录,网络服务无法知道是谁认证。我的云项目有两个作用:
I am migrating a n-tier Silverlight application to Windows Azure and I've hit a brick wall. Once I am logged in, the web service cannot know who is authenticated. My cloud project has two roles:
- 的Web用户界面:在Azure上,它的IP是111.222.33.44:80
- Web服务:在Azure上,它的IP是111.222.33.44:8080
的Web UI配置:
<system.web>
<compilation debug="true" targetFramework="4.0" />
<authentication mode="Forms">
<forms name="COOKIENAME" loginUrl="~/Login/login.aspx" timeout="2880" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
<machineKey validation="SHA1" decryption="AES" validationKey="VKEY" decryptionKey="DKEY"></machineKey>
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" />
</system.web>
配置Web服务
<system.web>
<authentication mode="Forms">
<forms name="COOKIENAME" loginUrl="~/Login/login.aspx" timeout="2880" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
<machineKey validation="SHA1" decryption="AES" validationKey="VKEY" decryptionKey="DKEY"></machineKey>
</system.web>
在Web UI中的角色,登录/ login.aspx的提交的用户名和密码。 ;一个cookie与方法 FormsAuthentication.SetAuthCookie(用户名,myVar的)创建的。然后,用户将被重定向到 Default.aspx的包含Silverlight应用程序。
In the Web UI role, Login/login.aspx submits the username and password. A cookie is created with the method FormsAuthentication.SetAuthCookie(username, myVar);. Then, the user is redirected to Default.aspx which contains the Silverlight application.
当它开始,Silverlight应用程序通过返回获取从Web服务角色的用户名 HttpContext.Current.User.Identity.Name 。
When it is starting, the Silverlight application gets the username from the Web Service role by returning HttpContext.Current.User.Identity.Name.
所有在本地云模拟器很好,但是当我部署我在Windows Azure中(升级)项目,Web服务并不知道我连接。我用小提琴手,我看到111.222.33.44:8080/Login/login.aspx被查询的页面(页面不会在Web服务的角色存在,它是要知道,如果一个用户进行身份验证的一种方式)。
All is fine in the local cloud emulator, but when I deploy my project in Windows Azure (staging), the web service doesn't know I am connected. I used Fiddler and I saw the page 111.222.33.44:8080/Login/login.aspx being queried (the page doesn't exist in the web service role, it is a way to know if a user is authenticated).
我怀疑Web服务无法检索用户名,因为它不能获取由Web UI角色创建的cookie。它实际上可能使其工作还是必须合并使用Web UI角色Web服务的角色?
I suspect the web service cannot retrieve the username because it cannot retrieve the cookie created by the Web UI role. Is it actually possible to make it work or do I have to merge the web service role with the Web UI role?
这两个角色的计算机密钥是相同的。
The machine keys on both roles are identical.
推荐答案
据我所知这两个角色将不共用一个Cookie。
AFAIK The two roles won't share a cookie.
在类似的情况我有一个托管的Silverlight客户端的Web项目,并已使用的Silverlight应用程序的Web服务。
In a similar situation I had a web project that hosted a silverlight client, and a web service that was used by the silverlight app.
用户将登录到该网站并访问silveright客户端。客户一直使用param属性提供Web服务的身份验证令牌
The user would log in to the website and access the silveright client. The client had been provided with web service authentication token using the param attribute
<object data="data:application/x-silverlight-2," type="application/x-silverlight-2">
<param name="Token" value="<%=Token %>" />
令牌,一旦Web服务解密,包含了登录用户的ID。
The token, once decrypted by the web service, contains the logged in user's id.
现在,Silverlight客户端可以访问一个无状态的Web服务和Web服务知道哪些登录用户要求所涉及。
Now, the Silverlight client can access a stateless web service and the web service knows which logged in user the request relates to.
我一直在我的WebService和WebRole分开,使CPU沉重的作业可以由服务来处理,使Web角色服务的网页漂亮和快速。
I kept my WebService and WebRole separate so that CPU heavy jobs can be handled by the service, leaving the web role to serve web pages nice and quickly.
这是否帮助?
这篇关于窗体身份验证在Windows Azure Silverlight应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
