在本地主机中为多个应用程序配置基于声明的身份 [英] Configure Claim based identity for multiple applications in localhost
问题描述
我有两个应用程序 http:/ localhost / applicationA 和 http:/ localhost / applicationB 。我已经为基于声明的身份验证设置配置了applicationA。 applicationA运行正常。但是我从applicationA引用了applicationB的一些Javascrips。但是applicationB没有身份验证cookie( FedAuth )。
I have two applications "http:/localhost/applicationA" and "http:/localhost/applicationB". I have configured applicationA for claim based authentication settings. applicationA is working perfectly. But I am refering some javascrips of applicationB from applicationA. But applicationB has no the authentication cookies(FedAuth).
我是否可以使用以下代码在applicationA和applicationB中都添加声明身份验证?
Is it possible for me to add claim authentication in both applicationA, applicationB using the below code?
<system.identityModel>
<identityConfiguration>
<audienceUris>
<add value="http://localhost/applicationB/" />
<add value="http://localhost/applicationA/" />
</audienceUris>
<issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry">
<authority name="PassiveSigninSTS">
<keys>
<add thumbprint="DE161DD37B2FEC37BDB17CAFF33D982DCE47E740" />
</keys>
<validIssuers>
<add name="PassiveSigninSTS" />
</validIssuers>
</authority>
</issuerNameRegistry>
<!--certificationValidationMode set to "None" by the the Identity and Access Tool for Visual Studio. For development purposes.-->
<certificateValidation certificateValidationMode="None" />
</identityConfiguration>
推荐答案
您需要在applicationB中启用声明身份验证才能起作用。换句话说,您需要在applicationB中设置与applicationA中相同的 system.identityModel web.config设置(如示例所示)。
You would need to enable claims authentication in applicationB for this to work. In other words, you would need to setup the same system.identityModel web.config settings in applicationB as in applicationA (as you've shown in your example).
是否需要保护JavaScript?如果脚本不是安全的,为什么不让所有人都可以使用它们,这样您就不必担心跨站点的单点登录了?
Is there a reason that the JavaScript needs to be secured? If the scripts aren't secured, why not just make them accessible to everyone so you won't need to worry about the single sign-on across sites?
这篇关于在本地主机中为多个应用程序配置基于声明的身份的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
