在ASP.NET Core中的应用程序和子应用程序之间共享Cookie

Question

I am looking for a way to share a login screen between a root application and a sub application (Virtual Directory configured as an Application) in ASP.NET Core. The LoginPath for the sub application will be pointing to the root login page (which the returnUrl will then point back to the sub application). Basically, I need the sub application to recognize the credentials set by the root application. I am using cookie authentication.

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationScheme = "Cookie",
    LoginPath = new PathString("./signin/"),
    AccessDeniedPath = new PathString("/unauthorized/"),
    AutomaticAuthenticate = true,
    AutomaticChallenge = true
});

Here is my code issuing the creds.

var issuer = SettingBusiness.GetSettingValueAsString("MembersSiteUrl");
var claims = new List<Claim> {new Claim(ClaimTypes.Name, user.UserId.ToString(), ClaimValueTypes.Integer32, issuer)};
var userIdentity = new ClaimsIdentity("MembersUser");
userIdentity.AddClaims(claims);
var userPrincipal = new ClaimsPrincipal(userIdentity);
var authenticationProperties = new AuthenticationProperties
{`enter code here`
    ExpiresUtc = DateTime.UtcNow.AddMinutes(60),
    IsPersistent = false,
    AllowRefresh = true
};
await HttpContext.Authentication.SignInAsync("Cookie", userPrincipal, authenticationProperties);

Having a hard time finding info on this particular scenario. Any help would be greatly appreciated.

Answer 1

I assume this cookie is encrypted with the new data protection system .

Your root application will encrypt the cookie with its private key. Your sub-application currently does not have access to this private key and won't be able to decrypt this cookie.

In order for your sub-application to be able to decrypt the cookie, you will need to setup a shared key storage provider .