ASP.NET MVC 4饼干消失 [英] ASP.NET MVC 4 cookie disappears
问题描述
我有一个ASP.NET应用程序发送一个验证cookie到ASP.NET MVC应用程序,作为后台办公应用程序。
我添加了一个全局过滤器来检查身份验证Cookie每个控制器的动作。若存在,则允许用户进入页面
在code是这样的:
公共类SecurityFilter类:FilterAttribute,个IAuthorizationFilter
{
公共无效OnAuthorization(AuthorizationContext filterContext)
{
// TODO:由于某些原因.AUTHCookie cookie不会在过滤器的请求上下文存在, 的HttpCookie饼干= filterContext.RequestContext.HttpContext.Request.Cookies [。AUTHCookie];
如果(饼干!= NULL){
从另一个方面我可以看到的Application_BeginRequest 从ASP.NET应用程序发送的cookie的事件在Global.asax文件。
在哪里,为什么饼干消失了?在什么MVC请求处理管道的一部分被饼干扔掉?
保护无效的Application_BeginRequest(对象发件人,EventArgs的发送)
{
VAR饼干= HttpContext.Current.Request.Cookies;
//在这里我可以看到这两个饼干。在筛选器操作只有一个cookie中被发现。身份验证cookie被抛出的地方...
}
我找到了我的方案的解决方案。我添加了一个compatibilityMode =Framework45成两个应用程序将machineKey,这一切都完美的工作。
请注意:如果您的应用程序之一是使用旧版本的.NET框架,你必须明确地配置您的.NET 4.5的应用程序使用较早的机器兼容性模式,否则将无法加密/解密的形式身份验证票证。
只是提醒你我的方案:
的WebForms ASP.NET 4.5<的machineKey compatibilityMode =Framework45解密=AES验证=SHA1decryptionKey =your_key1的validationKey =your_keu2/>
<身份验证模式=表格>
<domain.com形式的名称=_ authcookie域= loginUrl =?Default.aspx的查看= 1defaultUrl =?Default.aspx的查看= 1超时=30路径=/保护= 全部slidingExpiration =真enableCrossAp predirects =真/>
< /认证>MVC 4
<的machineKey compatibilityMode =Framework45解密=AES验证=SHA1decryptionKey =your_key1的validationKey =your_keu2/>
<身份验证模式=表格>
<形式的名称=_ authcookie域= defaultUrl =〜/超时=30路径=/保护=全部slidingExpiration =真enableCrossAp predirects =真domain.com。 />
< /认证>
在兼容模式下可能的值:
<一个href=\"http://msdn.microsoft.com/en-us/library/system.web.configuration.machinekeysection.compatibilitymode.aspx\" rel=\"nofollow\">http://msdn.microsoft.com/en-us/library/system.web.configuration.machinekeysection.compatibilitymode.aspx
I have an ASP.NET application that sends an authentication cookie to an ASP.NET MVC application, used as an back office application.
I've added a global filter that checks every controller action for the authentication cookie. If the cookie exists, it allows the user to enter the page.
The code looks like this:
public class SecurityFilter : FilterAttribute, IAuthorizationFilter
{
public void OnAuthorization(AuthorizationContext filterContext)
{
// TODO: For some reason .AUTHCookie cookie isn't exist in request context of filter,
HttpCookie cookie = filterContext.RequestContext.HttpContext.Request.Cookies[".AUTHCookie "];
if (cookie != null) {
From the other side I can see the cookie sent from the ASP.NET application in Application_BeginRequest event in the Global.asax file.
Where and why the cookie disappeared? In what part of the MVC Request-Handling pipeline was the cookie thrown away?
protected void Application_BeginRequest(object sender, EventArgs e)
{
var cookies = HttpContext.Current.Request.Cookies;
// HERE I CAN SEE BOTH cookies. In filter action only one cookie was found. The authentication cookie is thrown somewhere ...
}
I found a solution for my scenario. I've added a compatibilityMode="Framework45" into the machinekey in both applications and it's all working perfectly.
Note: If one of your applications is using an older versions of the .NET framework, you must explicitly configure your .NET 4.5 apps to use the earlier machine compatibility modes, or they will not be able to encrypt/decrypt the forms authentication ticket.
Just to remind you my scenario:
WebForms ASP.NET 4.5
<machineKey compatibilityMode="Framework45" decryption="AES" validation="SHA1" decryptionKey="your_key1" validationKey="your_keu2" />
<authentication mode="Forms">
<forms name="_authcookie" domain=".domain.com" loginUrl="Default.aspx?View=1" defaultUrl="Default.aspx?View=1" timeout="30" path="/" protection="All" slidingExpiration="true" enableCrossAppRedirects="true" />
</authentication>
MVC 4
<machineKey compatibilityMode="Framework45" decryption="AES" validation="SHA1" decryptionKey="your_key1" validationKey="your_keu2" />
<authentication mode="Forms">
<forms name="_authcookie" domain=".domain.com" defaultUrl="~/" timeout="30" path="/" protection="All" slidingExpiration="true" enableCrossAppRedirects="true" />
</authentication>
Possible values for the compatibility mode:
这篇关于ASP.NET MVC 4饼干消失的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
