ASP.NET Core RC2和.NET 4.5.1应用程序之间的共享cookie身份验证
[英]Shared cookie authentication between ASP.NET Core RC2 and .NET 4.5.1 apps
问题描述
We have two .NET-apps running shared cookie authentication. 
我们有两个运行共享cookie身份验证的.NET应用程序。 One is an ASP.NET Core RC1 app, and the other is a classic .NET 4.5.1 app. 一个是ASP.NET Core RC1应用程序,另一个是经典的.NET 4.5.1应用程序。
This is currently set up using the outdated Microsoft.Owin.Security.Cookies.Interop in the Configuration method of Startup.cs : 这是使用Startup.cs的Configuration方法中过时的Microsoft.Owin.Security.Cookies.Interop Configuration的:
This works fine, but is no supported method for RC2. 这工作正常,但不支持RC2的方法。
How can we get going with shared cookie authentication for RC2? 我们如何才能使用RC2的共享cookie身份验证?
1 个解决方案
解决方案1
4 已采纳 2016-05-31 10:41:09
Combining https://github.com/GrabYourPitchforks/aspnet5-samples/tree/dev/CookieSharing and Sharing authentication cookie among Asp.Net Core 1 (MVC6) and MVC 5 applications I was able to come up with a working solution. 结合https://github.com/GrabYourPitchforks/aspnet5-samples/tree/dev/CookieSharing并在Asp.Net Core 1(MVC6)和MVC 5应用程序之间共享身份验证cookie,我能够提出一个可行的解决方案。 I have no idea if this is the "correct" way to to it, but it works, so here it goes: 我不知道这是否是“正确”的方法,但它确实有效,所以在这里:
Use the nuget-package
Microsoft.Owin.Security.Interop 1.0.0-rc2-finalin both of the applications.在两个应用程序中使用nuget-package Microsoft.Owin.Security.Interop 1.0.0-rc2-final。Create a
TicketDataFormatusingDataProtectionProviderspecifying the same location on disk for the encryption keys, as well as the same purpose.使用DataProtectionProvider创建TicketDataFormat,为加密密钥指定磁盘上的相同位置,以及相同的目的。Configure cookie authentication the owin way in both of the applications.
在两个应用程序中以owin方式配置cookie身份验证。 Specify the same CookieNameandTicketDataFormat:指定相同的CookieName和TicketDataFormat:
.NET 4.5.1, in the Configure method of Startup.cs : .NET 4.5.1,在Startup.cs的Configure方法中:
var authenticationType = "Cookies";
var cookieName = "myCookieName";
var cookieEncryptionKeyPath= "C:/mypath";
var dataProtectionProvider = DataProtectionProvider.Create(new DirectoryInfo(cookieEncryptionKeyPath));
var dataProtector = dataProtectionProvider.CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", authenticationType, "v2");
var ticketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector));
app.SetDefaultSignInAsAuthenticationType(authenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = authenticationType,
CookieName = cookieName,
TicketDataFormat = ticketDataFormat
});
.NET CORE RC2 in the Configure method of Startup.cs : Startup.cs的Configure方法中的.NET CORE RC2:
var authenticationType = "Cookies";
var cookieName = "myCookieName";
var cookieEncryptionKeyPath= "C:/mypath";
var protectionProvider = DataProtectionProvider.Create(new DirectoryInfo(cookieEncryptionKeyPath));
var dataProtector = protectionProvider.CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", authenticationType, "v2");
var ticketFormat = new TicketDataFormat(dataProtector);
app.UseCookieAuthentication(
new CookieAuthenticationOptions
{
CookieName = options.CookieName,
CookieDomain = options.CookieDomain,
TicketDataFormat = ticketFormat
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.