基于表单的认证也不是.NET 2.0和.NET 4.0的应用程序之间的工作 [英] Forms based authentication not working between .Net 2.0 and .Net 4.0 application
问题描述
我有IIS 6.0的Windows Server 2003上运行多个Web应用程序。
I have several web applications running on an Windows Server 2003 with IIS 6.0.
在应用Asp.net 2.0下运行。
The applications are running under Asp.net 2.0.
最近我安装了MVC 3 Web应用程序是在它的基础性asp.net 4。形式票未在此新的应用程序recocnized。
Recently I have installed a MVC 3 Web application which is in it's nature asp.net 4 based. The forms ticket is not recocnized in this new application.
我在已通过此链接创建不同的asp.net版本在machine.config文件相同的machineKey设置:<一href=\"http://aspnetresources.com/tools/machineKey\">http://aspnetresources.com/tools/machineKey
I have the same machineKey settings in the machine.config files of the different asp.net versions that have been created using this link: http://aspnetresources.com/tools/machineKey
在登录Web应用程序的配置是这样的:
The configuration in the login web application is like this:
<authentication mode="Forms">
<forms name=".WEBAUTH"
loginUrl="login.aspx"
protection="None"
slidingExpiration="true"
enableCrossAppRedirects="false"
timeout="43200"
path="/" />
</authentication>
和相应的MVC应用程序的配置是:
And accordingly the configuration of the mvc app is:
<authentication mode="Forms">
<forms name=".WEBAUTH"
loginUrl="http://path2theloginapp/login.aspx"
protection="None"
slidingExpiration="true"
enableCrossAppRedirects="false"
timeout="43200"
path="/" />
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
登录的作品,但MVC应用程序始终重定向到登录页面。
The login works, but the mvc application always redirects back to the login page.
现在,如果我更改IIS配置登录Web应用程序到ASP.NET 4.0的asp.net版本,它的工作原理。但随后在asp.net运行2没有更多的作品所有其他应用程序。
Now if i change the asp.net Version of the login web application in IIS configuration to asp.net 4.0, it works. But then all the other applications running on asp.net 2 no more works.
有没有人在类似情况下解决formsbased认证?
Has anybody solved formsbased authentication in a similar situation?
推荐答案
我不得不去很长的路,并与微软开了一个支持案例。
I had to go the long way and opened a support case with Microsoft.
事实证明,从Microsoft安全公告MS11-100相关的安全更新程序失踪:
As it turned out, the relevant security updates from Microsoft Security Bulletin MS11-100 were missing:
<一个href=\"http://technet.microsoft.com/en-us/security/bulletin/ms11-100\">http://technet.microsoft.com/en-us/security/bulletin/ms11-100.
选择你的OperatingSystem的并安装NET 2.0和4.0的更新。
http://technet.microsoft.com/en-us/security/bulletin/ms11-100.
Choose your operatingsystem and install the updates for .Net 2.0 and 4.0.
这将更新固定基于表单的认证,而不涉及的Web应用程序的重新配置。
This updates fixed forms-based authentication without reconfiguration of the involved web applications.
这篇关于基于表单的认证也不是.NET 2.0和.NET 4.0的应用程序之间的工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!