在两个 Web 应用程序之间共享身份验证 [英] Sharing authentication between two web applications
问题描述
I have a base web site (Asp.net WebForms application) running under ie.
http://localhost:90/
Then I created a new (this time Asp.net MVC) application and added it under
http://localhost:90/mvc/
but not just as a simple virtual folder, but as an application folder by defining a different application pool to run it, compared to the parent application.
Since browsers can't know that there are two different application basically on the same domain it would work like:
- user accesses
http://localhost:90/ - parent app redirects the user to forms authentication screen
- user successfully logs in
- parent web adds an authentication cookie
- user accesses
http://localhost:90/mvc - browser attaches the same cookie from parent app
Is it possible that I authenticate the user based on this same cookie? I would configure my MVC application to login redirect to parent app to have a shared authentication screen. But I'd like to know who authenticated and work from that point on.
I've read something about sharing the same system.web/machineKey values to provide this kind of functionality, but I would like some real world examples.
I'm aware that these two applications will not be able to share Session state and that's not a problem, because I don't want them to. All I want is a kind of single login (SSO/SSS)
Is this possible? How?
Important
I've read other questions/answers about this, but they are either asking about cross-domain/cross-server etc. This one is on the same IIS web site.
I found it myself.
This is the article on MSDN that talks exactly about this scenario. I decided to keep this question anyway for anyone that would be chasing the same information some time later.
MSDN: Forms Authentication Across Applications
In brief
You have to configure machine keys in web.config of both applications so they match hence they'll be able to decode data that the other party generated. And that's the whole trick. MSDN article explains this in great detail including how to generate those keys.
这篇关于在两个 Web 应用程序之间共享身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
