使用FormsAuthentication的跨域Cookie [英] Cross Domain Cookies With FormsAuthentication
问题描述
我知道相关的安全性风险,并将其与业务联系在一起,但他们希望有5个域可以共享登录Cookie。
我们正在使用并没有计划停止使用ASP.Net成员资格和配置文件。这可能吗?
这是不可能的开箱即用的ASP.NET。
基于表单的身份验证基于Cookie,并且Cookie只能设置为特定域。
如果您要真正交叉域(而不是子域)共享身份验证,则需要单点登录解决方案。
我滚动了我自己的,它相对简单。基本原则是您有一个主域保存您的身份验证cookie(票证)。然后,您从所有其他域重定向到该域。这不是真的很好,但事件Microsoft Passport这样工作。
你可以在网上找到很多例子,看看这两个链接:
I know the security risk associated and have brought it up with the business, but they want to have their 5 domains to share the login cookie.
We are using and have no plan to stop using ASP.Net Membership and Profiles. Is this possible? A hack would even be greatly appreciated.
It is not possible with out of the box ASP.NET.
Forms based authentication is based on a cookie and cookies can only be set to a specific domain.
If you want true cross domain (not sub domains) shared authentication, you need a Single Sign On solution.
I've rolled my own and it's relatively simple. The basic principle is that you have a master domain which holds your authentication cookie (ticket). You then redirect to that domain from all other domains. It's not really pretty, but event Microsoft Passport worked that way.
You can find a lot of examples on the net, take a look at these two links:
这篇关于使用FormsAuthentication的跨域Cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!