基于表单的认证也不是.NET 2.0和.NET 4.0的应用程序之间的工作 [英] Forms based authentication not working between .Net 2.0 and .Net 4.0 application

问题描述

我有IIS 6.0的Windows Server 2003上运行多个Web应用程序。

I have several web applications running on an Windows Server 2003 with IIS 6.0.

在应用Asp.net 2.0下运行。

The applications are running under Asp.net 2.0.

最近我安装了MVC 3 Web应用程序是在它的基础性asp.net 4。形式票未在此新的应用程序recocnized。

Recently I have installed a MVC 3 Web application which is in it's nature asp.net 4 based. The forms ticket is not recocnized in this new application.

我在已通过此链接创建不同的asp.net版本在machine.config文件相同的machineKey设置：<一href=\"http://aspnetresources.com/tools/machineKey\">http://aspnetresources.com/tools/machineKey

I have the same machineKey settings in the machine.config files of the different asp.net versions that have been created using this link: http://aspnetresources.com/tools/machineKey

在登录Web应用程序的配置是这样的：

The configuration in the login web application is like this:

  <authentication mode="Forms">
    <forms name=".WEBAUTH"
         loginUrl="login.aspx"
         protection="None"
         slidingExpiration="true"
         enableCrossAppRedirects="false"     
         timeout="43200"     
         path="/" />
  </authentication>

和相应的MVC应用程序的配置是：

And accordingly the configuration of the mvc app is:

  <authentication mode="Forms">
    <forms name=".WEBAUTH"
         loginUrl="http://path2theloginapp/login.aspx"
         protection="None"
         slidingExpiration="true"
         enableCrossAppRedirects="false"     
         timeout="43200"     
         path="/" />
  </authentication>

  <authorization>
    <deny users="?" />
    <allow users="*" />
  </authorization>

登录的作品，但MVC应用程序始终重定向到登录页面。

The login works, but the mvc application always redirects back to the login page.

现在，如果我更改IIS配置登录Web应用程序到ASP.NET 4.0的asp.net版本，它的工作原理。但随后在asp.net运行2没有更多的作品所有其他应用程序。

Now if i change the asp.net Version of the login web application in IIS configuration to asp.net 4.0, it works. But then all the other applications running on asp.net 2 no more works.

有没有人在类似情况下解决formsbased认证？

Has anybody solved formsbased authentication in a similar situation?

推荐答案

我不得不去很长的路，并与微软开了一个支持案例。

I had to go the long way and opened a support case with Microsoft.

事实证明，从Microsoft安全公告MS11-100相关的安全更新程序失踪：

As it turned out, the relevant security updates from Microsoft Security Bulletin MS11-100 were missing:

<一个href=\"http://technet.microsoft.com/en-us/security/bulletin/ms11-100\">http://technet.microsoft.com/en-us/security/bulletin/ms11-100.

选择你的OperatingSystem的并安装NET 2.0和4.0的更新。

http://technet.microsoft.com/en-us/security/bulletin/ms11-100.
Choose your operatingsystem and install the updates for .Net 2.0 and 4.0.

这将更新固定基于表单的认证，而不涉及的Web应用程序的重新配置。

This updates fixed forms-based authentication without reconfiguration of the involved web applications.

这篇关于基于表单的认证也不是.NET 2.0和.NET 4.0的应用程序之间的工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！