在虚拟目录表单验证 [英] Forms Authentication across virtual directories

问题描述

我想从根应用程序在虚拟目录中运行的应用程序的子共享窗体身份验证。我有在子网站身份验证的麻烦。

I am trying to share forms auth from a root application to a sub application running in a virtual directory. I am having trouble with authentication in the subsite.

在父应用程序一切正常。

In the parent application everything works as expected.

我有以下设置：

父应用程序：

• 网址：的http：//本地主机：1336 /


• ＆LT;MyApplication的形式loginUrl =〜/帐号/登入保护=所有超时=30NAME =路径=/requireSSL =false的slidingExpiration =真正的无Cookie =UseDeviceProfileenableCrossAp predirects =真defaultUrl =//＆GT;

• URL: http://localhost:1336/
• <forms loginUrl="~/account/sign-in" protection="All" timeout="30" name=".MYAPPLICATION" path="/" requireSSL="false" slidingExpiration="true" cookieless="UseDeviceProfile" enableCrossAppRedirects="true" defaultUrl="/" />

虚拟目录：

• 网址：的http：//本地主机：1336 /子网站


• ＆LT;MyApplication的形式loginUrl =/帐号/登入保护=所有超时=30NAME =路径=/requireSSL =假slidingExpiration = 真正的无Cookie =UseDeviceProfileenableCrossAp predirects =真defaultUrl =//＆GT;

• URL: http://localhost:1336/subsite
• <forms loginUrl="/account/sign-in" protection="All" timeout="30" name=".MYAPPLICATION" path="/" requireSSL="false" slidingExpiration="true" cookieless="UseDeviceProfile" enableCrossAppRedirects="true" defaultUrl="/" />

当我尝试到的http：//本地主机：1336 /子网站我得到以下流程：

When i try to a http://localhost:1336/subsite I get the following flow:

• GET 为的http：//本地主机：1336 /子网站 - > 302 /帐号/登入RETURNURL =％2fsubsite （看起来OK）的


• 输入用户名/密码


• 上传以的http：//本地主机：1336 /帐号/登入RETURNURL =％2fsubsite - > 302 /子网站的（伟大的AUTH看起来像它的成功）的


• GET 为的http：//本地主机：1336 /子网站 - > 302 /帐号/登入RETURNURL =％2fsubsite （即子网站犯规认为其认证）的

• GET for http://localhost:1336/subsite -> 302 to /account/sign-in?ReturnUrl=%2fsubsite (looks ok)
• Enter User/password
• POST to http://localhost:1336/account/sign-in?ReturnUrl=%2fsubsite -> 302 /subsite (great the auth looks like its successful)
• GET for http://localhost:1336/subsite -> 302 to /account/sign-in?ReturnUrl=%2fsubsite (IE the subsite doesnt think its authenticated)

此外，我可以看到在我的浏览器在列表中的cookie（所以它实际上没有）

Also i can see the cookie in the list in my browser (so its actually there)

我有什么错我的配置是拦着我的子网站从共享父的cookie？

What have I got wrong in my config that's stopping my subsite from sharing the parent cookie?

我在IISEx preSS

I am running this on IISExpress

推荐答案

在你的web.config文件，设置项目之间的共同机键，使2域共享验证和解密密钥。

In your web.config files, set a common machine key between the projects so that the 2 domains share validation and decryption keys.

例如：

<machineKey validationKey="21F090935F6E49C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D7" 
decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="AES"
/>

这篇关于在虚拟目录表单验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！