[英]Shared cookie authentication between ASP.NET Core RC2 and .NET 4.5.1 apps
We have two .NET-apps running shared cookie authentication. 我们有两个运行共享cookie身份验证的.NET应用程序。 One is an ASP.NET Core RC1 app, and the other is a classic .NET 4.5.1 app.
一个是ASP.NET Core RC1应用程序,另一个是经典的.NET 4.5.1应用程序。
This is currently set up using the outdated Microsoft.Owin.Security.Cookies.Interop
in the Configuration
method of Startup.cs
: 这是使用
Startup.cs
的Configuration
方法中过时的Microsoft.Owin.Security.Cookies.Interop
Configuration
的:
This works fine, but is no supported method for RC2. 这工作正常,但不支持RC2的方法。
How can we get going with shared cookie authentication for RC2? 我们如何才能使用RC2的共享cookie身份验证?
Combining https://github.com/GrabYourPitchforks/aspnet5-samples/tree/dev/CookieSharing and Sharing authentication cookie among Asp.Net Core 1 (MVC6) and MVC 5 applications I was able to come up with a working solution. 结合https://github.com/GrabYourPitchforks/aspnet5-samples/tree/dev/CookieSharing并在Asp.Net Core 1(MVC6)和MVC 5应用程序之间共享身份验证cookie,我能够提出一个可行的解决方案。 I have no idea if this is the "correct" way to to it, but it works, so here it goes:
我不知道这是否是“正确”的方法,但它确实有效,所以在这里:
Use the nuget-package Microsoft.Owin.Security.Interop 1.0.0-rc2-final
in both of the applications. 在两个应用程序中使用nuget-package
Microsoft.Owin.Security.Interop 1.0.0-rc2-final
。
Create a TicketDataFormat
using DataProtectionProvider
specifying the same location on disk for the encryption keys, as well as the same purpose. 使用
DataProtectionProvider
创建TicketDataFormat
,为加密密钥指定磁盘上的相同位置,以及相同的目的。
Configure cookie authentication the owin way in both of the applications. 在两个应用程序中以owin方式配置cookie身份验证。 Specify the same
CookieName
and TicketDataFormat
: 指定相同的
CookieName
和TicketDataFormat
:
.NET 4.5.1, in the Configure method of Startup.cs
: .NET 4.5.1,在
Startup.cs
的Configure方法中:
var authenticationType = "Cookies";
var cookieName = "myCookieName";
var cookieEncryptionKeyPath= "C:/mypath";
var dataProtectionProvider = DataProtectionProvider.Create(new DirectoryInfo(cookieEncryptionKeyPath));
var dataProtector = dataProtectionProvider.CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", authenticationType, "v2");
var ticketDataFormat = new AspNetTicketDataFormat(new DataProtectorShim(dataProtector));
app.SetDefaultSignInAsAuthenticationType(authenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = authenticationType,
CookieName = cookieName,
TicketDataFormat = ticketDataFormat
});
.NET CORE RC2 in the Configure method of Startup.cs
: Startup.cs
的Configure方法中的.NET CORE RC2:
var authenticationType = "Cookies";
var cookieName = "myCookieName";
var cookieEncryptionKeyPath= "C:/mypath";
var protectionProvider = DataProtectionProvider.Create(new DirectoryInfo(cookieEncryptionKeyPath));
var dataProtector = protectionProvider.CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", authenticationType, "v2");
var ticketFormat = new TicketDataFormat(dataProtector);
app.UseCookieAuthentication(
new CookieAuthenticationOptions
{
CookieName = options.CookieName,
CookieDomain = options.CookieDomain,
TicketDataFormat = ticketFormat
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.