stackoom
  简体   繁体   中英

URL Rewrite for subdomain fails with identityserver3

 原文  2015-06-24 07:15:10       asp.net/ azure/ identityserver3

Question

We have a wild card domain hosted on azure. I've setup up subdomain.domain.com to rewrite to domain.com/subdomain. It all works fine.

However when I login to our identity server, once the login process is completed and I am redirected back to subdomain.domain.com it seems like the authentication token is lost.

I can't see how this can be possible. This issue happens with all our identity providers (google, Facebook, Microsoft live)

If I change the setup to use domain.com/subdomain then everything works as expected

1 answers

solution1
 0  2015-06-24 07:45:34

The main issue is what type of cookie your identity server places, It looks like your server places and domain specific cookie, and not a wildcard one.

Cookie domains

Common issue with the cookie for the authentication is the domain for the cookie. Similarly to the paths of the cookies, if the cookies are created on two different subdomains, then the cookie will only be accessible on the domain where it was created. For instance, your main application may be on www.domain.com, but you have Telligent Evolution running on cs.domain.com. If you create the cookie on www.domain.com, the browser will only send it to that domain, and it won't be passed along when they navigate over to cs.domain.com.

The cookie can be carried over by setting the domain to “.domain.com”. Cookies don't use the common “*” wild card. Simply use “.domain.com”. With this entry, the browser will not to pass the cookie when it goes over to cs.domain.com as well.

Like the path, the domain can be specified in either the web.config or through code. When setting the web.config file, it will only check for the authorization cookie. You must have this set for the site to correctly recognize the new domain level cookie: 

<authentication mode="Forms">
  <forms name=".CommunityServer" ... domain=".domain.com" />
</authentication>

The "domain" name is ignored by the FormsAuthentication.SetAuthCookie method, so you must manually set it on your login page when creating the AuthCookie. For example: 

HttpCookie cookie = FormsAuthentication.GetAuthCookie(username, true);
cookie.Domain = ".domain.com";
Response.Cookies.Add(cookie);

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question URL Rewrite to a subdomain urlrewritingnet - rewrite URL with subdomain Url rewrite for subdomain as Username UseIdentityServerBearerTokenAuthentication is not working for IdentityServer3 IdentityServer3 xBehave test Secure IdentityManager with IdentityServer3 IdentityServer3 + AzureAD and RedirectUri Confusion IdentityServer3 - Client certificate validation Asp.net 4 url rewrite a subdomain as a folder Generate access token with IdentityServer3 without password
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM