I am trying to implement SSO in .net core 3.1 by sharing cookies between apps (Login and Web page)

I am trying to implement SSO by sharing cookies between two .net core 3.1 apps. I have followed this link. I am trying to implement it by sharing cookies between the applications, as mentioned in the link.

My idea is that if a user is unauthorized, it should not be able to view the Second Index (view) page. It should redirect itself to the Login page in the first application and, after a successful login, should be able to see the page. If the user is already logged in, then it should directly show the page. This is my idea.

My question is:

How to redirect it to the login page? The two web apps are different applications.

My code is below. But it doesn't redirect it. The Startup.cs file of my first application, which is the Login app, looks like this:

public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }


        public void ConfigureServices(IServiceCollection services)
        {

            services.AddControllersWithViews();

            services.AddAuthentication("Identity.Application")
            .AddCookie("Identity.Application", options =>
              {
                options.Cookie.Name = ".AspNet.SharedCookie";
                options.Cookie.Path = "/Home/Login";
             });

            services.AddDataProtection()
            .PersistKeysToFileSystem(new DirectoryInfo(@"C:\Users\Yourname\AppData\Local\ASP.NET\DataProtection-Keys"))
           .SetApplicationName("SharedCookieApp");
            services.AddDataProtection()
              .ProtectKeysWithDpapi();

            services.ConfigureApplicationCookie(options => {
                options.Cookie.Name = ".AspNet.SharedCookie";
            });

        }
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }
            app.UseHttpsRedirection();
            app.UseStaticFiles();

            app.UseRouting();

            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllerRoute(
                    name: "default",
                    pattern: "{controller=Home}/{action=Login}/{id?}");
            });
        }
    }

HomeController:

public ActionResult Login()
        {
            var userClaims = new List<Claim>()
            {
                new Claim(ClaimTypes.Name,"Bob"),
            };

            var usrIdentity = new ClaimsIdentity(userClaims, "userIdentity");
            var usrPrinci = new ClaimsPrincipal(new[] { usrIdentity });

            HttpContext.SignInAsync(usrPrinci);
            return View();
        }

Login View:

@{
    ViewBag.Title = "Login";
}

<h2>Login</h2>
@Html.ValidationSummary()
@Html.AntiForgeryToken()
<div class="form-group">
    @Html.Label("Username")
    @Html.Editor("UserName")
</div>
<div class="form-group">
    @Html.LabelForModel("Password")
    @Html.Password("Password")
</div>
<input class="btn btn-primary" type="submit" value="Login" />

The second application:

Startup.cs

public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddControllersWithViews();

           services.AddDataProtection().PersistKeysToFileSystem(new DirectoryInfo(@"C:\Users\yourname\AppData\Local\ASP.NET\DataProtection-Keys"))
          .SetApplicationName("SharedCookieApp");


            services.AddDataProtection()
                .ProtectKeysWithDpapi();


           services.AddAuthentication("Identity.Application")
                .AddCookie("Identity.Application", options =>
                {
                    options.Cookie.Name = ".AspNet.SharedCookie";
                    options.LoginPath = "/Home/Login";
                    options.SlidingExpiration = true;

               });
        }
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                    app.UseHsts();
            }
            app.UseHttpsRedirection();
            app.UseStaticFiles();

            app.UseRouting();
            app.UseAuthentication();


            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllerRoute(
                    name: "default",
                    pattern: "{controller=Home}/{action=Index}/{id?}");
            });
        }
    } 

Home:

[Authorize(AuthenticationSchemes = "Identity.Application")]
     public class HomeController : Controller
    {
       public IActionResult Index()
        {
            return View();
        }
    }

View is:

@{
    ViewData["Title"] = "Home Page";
}
<div class="text-center">
    <h1 class="display-4">Welcome</h1>

</div>

In my second application I am setting the Options.LoginPath in Startup.cs to the previous application's login View. But it does not redirect it.

The error that comes is

No webpage was found for the web address: https://localhost:******/Home/Login?ReturnUrl=%2F

The port value above does not change. The port value in the above URL is that of the second app. Ideally, it should change to the first app's port value.

Can anyone suggest what is missing from the code?

I solved this problem in this order:

  1. You need a controller base, and login gets the username and password and sends them to the controller for authentication; after that, the controller base checks the username and password and sets the claim.
  2. Every razor page that needs authentication has to have this code: @attribute [Authorize(Roles = "admin")]
  3. In App.razor you need to use the login component for the unauthorization tag.

I hope this helps you.
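
Added example, not part of the original question or answer: `LoginPath` is resolved against the host of the app that issues the challenge, which is why the redirect in the question stays on the second app's port. One way to send the challenge to the other app is to override `OnRedirectToLogin` in the second app; `LoginAppBaseUrl`, its port, the `keyRingPath` parameter and the `AddSharedCookieAuth` helper name are assumptions made for this sketch.

```csharp
using System;
using System.IO;
using System.Threading.Tasks;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Extensions;
using Microsoft.Extensions.DependencyInjection;

public static class SharedCookieSetup
{
    // Assumption: absolute base URL of the login app (placeholder port).
    private const string LoginAppBaseUrl = "https://localhost:5001";

    // Hypothetical helper; call it from ConfigureServices in the second app.
    public static void AddSharedCookieAuth(this IServiceCollection services, string keyRingPath)
    {
        // Both apps need the same key ring and application name,
        // otherwise neither can decrypt the other's cookie.
        services.AddDataProtection()
            .PersistKeysToFileSystem(new DirectoryInfo(keyRingPath))
            .SetApplicationName("SharedCookieApp");

        services.AddAuthentication("Identity.Application")
            .AddCookie("Identity.Application", options =>
            {
                options.Cookie.Name = ".AspNet.SharedCookie";
                // The browser only sends a cookie for URLs under its Path.
                // A path of "/Home/Login" would hide it from "/" in this app.
                options.Cookie.Path = "/";
                options.Cookie.SecurePolicy = CookieSecurePolicy.Always;

                // Replace the default same-host redirect with an absolute
                // redirect to the login app, passing this app's full URL.
                options.Events.OnRedirectToLogin = context =>
                {
                    var returnUrl = context.Request.GetEncodedUrl();
                    var loginUrl = LoginAppBaseUrl + "/Home/Login?ReturnUrl="
                                   + Uri.EscapeDataString(returnUrl);
                    context.Response.Redirect(loginUrl);
                    return Task.CompletedTask;
                };
            });
    }
}
```

Because `ReturnUrl` is now an absolute URL on another origin, the login app should compare it against a fixed allow-list of known app origins before redirecting back, so the parameter cannot be used as an open redirect. The login app also needs `app.UseAuthentication()` in its pipeline before `app.UseAuthorization()`.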
