在同一服务器上使用多个Web服务进行表单身份验证
[英]Forms Authentication with Multiple Web Services on Same Server
问题描述
I have four c# 4.5 MVC RESTful web services running on one server under IIS 7.5 which I can access like this... 
我在IIS 7.5下的一台服务器上运行四个c#4.5 MVC RESTful Web服务,可以像这样访问...
http://1.2.3.4:5/Service1/Controller/Method
http://1.2.3.4:5/Service2/Controller/Method
http://1.2.3.4:5/Service3/Controller/Method
http://1.2.3.4:5/Service4/Controller/Method
One of the Service1 methods available acts as a logon and returns a Forms Authentication cookie using... 可用的Service1方法之一用作登录,并使用...返回Forms Authentication cookie。
FormsAuthentication.SetAuthCookie(user.UserName, false);
This seems to work fine and I can only access the Service1 methods which have been protected using the [Authorize] attribute if the login method has been called with appropriate parameters. 这似乎工作正常,并且如果已使用适当的参数调用了登录方法,则我只能访问使用[Authorize]属性保护的Service1方法。
What I can't understand is why I cannot invoke any of the Service2/3/4 methods which have the [Authorize] attribute set - all the services are on the same server using the same IP and port, are they still deemed to be different services and not able to use the same cookie? 我无法理解的是为什么我不能调用任何设置了[Authorize]属性的Service2 / 3/4方法-所有服务都位于使用相同IP和端口的同一服务器上,是否仍被认为是不同的服务而不能使用相同的cookie?
The path in the cookie returned by the login is "/" but I'm guessing that that is simply relative to the root of the service and therefore "/" for Service1 is not the same as "/" for Service2/3/4. 登录名返回的Cookie中的路径为“ /”,但我猜测这只是相对于服务的根目录,因此Service1的“ /”与Service2 / 3/4的“ /”不同。
If this is the case, how can I permit them all to share the cookie? 如果是这种情况,我如何允许他们所有人共享Cookie? I can't see any way to make IIS "share" a common root for the four of them. 我看不出有什么方法可以使IIS“共享”它们四个的共同根。
I tried setting the following in the web.config in all four services... 我尝试在所有四个服务的web.config中设置以下内容...
<forms enableCrossAppRedirects="true" domain="1.2.3.4" protection="All" path="/"/>
...but it didn't seem to help, again I assume the "/" doesn't map across the applications. ...但是它似乎没有帮助,我再次假设“ /”没有映射到应用程序中。
I've looked at quite a few topics relating to this but the trouble is that I'm not sure exactly where the problem lies so I'm not exactly sure what to search for - none of the Forms Authentication posts and topics I've looked at deal with exactly this problem or the solutions they include don't seem to work for me. 我已经看过很多与此相关的主题,但是麻烦在于我不确定问题的根源,因此我不确定要搜索的内容-我没有《表单认证》帖子和主题看着恰好解决了这个问题,或者它们包含的解决方案似乎对我不起作用。
Any pointers would be gratefully accepted. 任何指针将不胜感激。
1 个解决方案
解决方案1
0 2014-05-03 11:18:26
Finally found something which pointed me to a solution, albeit via a round-about route. 终于找到了一些使我找到解决方案的东西,尽管它是绕行路线。
I discovered that I need to set the machineKey to the same value across the four web services ie add... 我发现我需要在四个Web服务中将machineKey设置为相同的值,即添加...
<machineKey validationKey="5B23............................944D"
decryptionKey="E008.......686E"
validation="SHA1"/>
...to the system.web section of all the web.config files. ...到所有web.config文件的system.web部分。 I had seen stuff about this but discounted it because I had no Machine Key entry in the Features View in IIS. 我已经看到了一些有关此方面的内容,但由于在IIS的“功能”视图中没有“机器密钥”条目,所以对此予以了打折。
Seems it might have been a little easier to discover this, were it not for the fact that my IIS does not show the Machine Key entry for some bizarre reason - but that's another problem for another day. 似乎发现它可能要容易一些,这不是因为我的IIS出于某种奇怪的原因没有显示“机器密钥”条目,但这又是另一天的问题。 Once I had realised this was an issue and grabbed a code snippet to generate the keys, I was in business. 当我意识到这是一个问题并抓住一个代码片段生成密钥后,我便开始从事商业活动。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.