I am having a problem with setting up SSO between our apps, In the application that creates the cookie I have:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
// LogoutPath = new PathString("/Account/Logout"),
// ExpireTimeSpan = TimeSpan.FromDays(1),
CookieName = "mycookie",
CookieDomain = ".mydomain.com",
});
When testing this locally I get the result I expect
Cookie = Name: mycookie, Domain: .mydomain.com
However when I go to our test environment I get
Cookie = Name: mycookie, Domain: oauth.mydomain.com
Since the cookie has the root of the domain it does not work in the other applications. I have done everything I can think of but it just does not seem to want to use the domain specified in the configuration.
Update: It appears this is a problem when hosting from an IIS7 environment when using SSL. When not using SSL in IIS7 or when deployed to our UAT enviroment with IIS8 it works as expected.
When using SSL it is also not redirecting correctly. I think this problem is also related.
When I hit http://site.domain.com I am redirected to
http://auth.domain.com/account/login?returnUrl=site.domain.com
as expected, however If SSL is enabled I am redirected to
https:// site.domain.com /account/login?returnurl=site.domain.com
因此,问题似乎出在那些位于后面的服务器的防火墙/代理中。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.