如何使用托管在 .Net framework 4.6 应用程序中的登录页面对 .Net Core 3.1 上的 IdentityServer4 应用程序进行身份验证?
[英]How to use login page hosted in .Net framework 4.6 application to authenticate for IdentityServer4 application on .Net Core 3.1?
问题描述
We have a current login page on a .Net framework 4.6 application.
我们在 .Net framework 4.6 应用程序上有一个当前登录页面。 We are building a new .Net Core 3.1 IdentityServer4 application primarily for issuing tokens, but during the code authentication flow we want to redirect to a login page which is hosted in our current .Net framework 4.6 application.我们正在构建一个新的 .Net Core 3.1 IdentityServer4 应用程序,主要用于颁发令牌,但在代码身份验证流程中,我们希望重定向到我们当前的 .Net 框架 4.6 应用程序中托管的登录页面。
The redirect for login page from IDServer app to .Net framework 4.6 app works fine, but after the .Net framework 4.6 app creates and sets the cookie, IdentityServer4 doesn't seem to be responding to this cookie.登录页面从 IDServer 应用程序重定向到 .Net framework 4.6 应用程序工作正常,但在 .Net framework 4.6 应用程序创建并设置 cookie 后,IdentityServer4 似乎没有响应此 cookie。
Does anyone know how to achieve logging-in in the .Net framework 4.6 application and then redirecting back to IdentityServer and handling the tokens after the login?有谁知道如何在 .Net framework 4.6 应用程序中实现登录,然后重定向回 IdentityServer 并在登录后处理令牌?
In IdentityServer, the following code makes it possible to redirect to .Net framework 4.6 application:在 IdentityServer 中,以下代码可以重定向到 .Net framework 4.6 应用程序:
services.AddIdentityServer(options =>
{
options.UserInteraction.LoginUrl = "https://localhost:44352/login/";
options.UserInteraction.LoginReturnUrlParameter = "returnUrl";
})
But after the app running on "https://localhost:44352/login/" sets the identity cookie and redirects back to IdentityServer4 with the provided returnUrl, the IdentityServer4 is not reading that cookie.但是在“https://localhost:44352/login/”上运行的应用程序设置了身份 cookie 并使用提供的 returnUrl 重定向回 IdentityServer4 后,IdentityServer4 不会读取该 cookie。 We've even tried to create the Identity cookie using another .Net Core 3.1 application using Microsoft's Identity package, which works when doing it in IdentityServer4, but it doesn't work when creating this cookie in another application and passing it to IdentityServer4.我们甚至尝试使用 Microsoft 的 Identity 包使用另一个 .Net Core 3.1 应用程序创建 Identity cookie,该应用程序在 IdentityServer4 中执行此操作时有效,但在另一个应用程序中创建此 cookie 并将其传递给 IdentityServer4 时不起作用。
2 个解决方案
解决方案1
0 2020-09-18 03:11:55
I haven't tried that but you can do following things (In general case)我没试过,但你可以做以下事情(一般情况下)
- Cookies domain and name should be same at both platforms (web apps)两个平台(网络应用程序)的 Cookie 域和名称应相同
- Machine Key must be same on both apps两个应用程序上的机器密钥必须相同
解决方案2
0 2020-09-20 10:16:03
Your applications (ASP.NET Core and classic ASP) and IdentityServer does not share the same cookies.您的应用程序(ASP.NET Core 和经典 ASP)和 IdentityServer 不共享相同的 cookie。
IdentityServer issues their own cookies and session cookies can't be read between ASP.NET and ASP.NET core (they are protected differently). IdentityServer 发布自己的 cookie,并且无法在 ASP.NET 和 ASP.NET 核心之间读取会话 cookie(它们的保护方式不同)。
In general, I think to get the single-signon experience both applications (ASP.NET and ASP.NET core) needs to authenticate indepedently to IdentityServer and get its own set of tokens.一般来说,我认为要获得单点登录体验,两个应用程序(ASP.NET 和 ASP.NET 核心)都需要独立地向 IdentityServer 进行身份验证并获得自己的一组令牌。 But the user only needs to login once to IdentityServer beause after the first login, the IdentityServer will using its cookie remember who you are.但是用户在第一次登录后只需要登录一次 IdentityServer,IdentityServer 将使用它的 cookie 记住你是谁。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.