前端之家

  1. 首页
  2. 问答

共享身份验证Cookie

问答

今天,根据我的公司规则,我使用以下Startup Owin类配置在不同端口中的intranet asp.net mvc 5应用程序之间共享cookie身份验证:

using System;
using System.Configuration;
using microsoft.AspNet.Identity;
using microsoft.Owin;
using microsoft.Owin.Security.Cookies;
using Owin;

[assembly: OwinStartup(typeof(Icomon.ControleProducao.Site.Startup))]
namespace Site
{
    public partial class Startup
    {
        public void ConfigureAuth(IAppBuilder app)
        {
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,ExpireTimeSpan = TimeSpan.FromMinutes(30),LoginPath = new PathString("/account/Login"),LogoutPath = new PathString("/account/Logout"),slidingexpiration = true,Provider = new CookieAuthenticationProvider
                {
                    OnApplyRedirect = ApplyRedirect
                }
            });

            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
        }

        private static void ApplyRedirect(CookieApplyRedirectContext context)
        {
            if (Uri.TryCreate(context.Redirecturi,UriKind.Absolute,out Uri absoluteUri))
            {
                var path = PathString.FromUriComponent(absoluteUri);
                if (path == context.OwinContext.Request.PathBase + context.Options.LoginPath)
                    context.Redirecturi = "domain.com/login";
            }

            context.Response.Redirect(context.Redirecturi);
        }
    }
}

现在,我正在尝试在此范围内添加asp.net核心应用程序,但没有成功。这是我的代码:

public void ConfigureServices(IServiceCollection services)
{
    services.AddControllersWithViews(options => options.Filters.Add(new AuthorizeFilter()));

    services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
      .AddCookie(options =>
      {
          options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
          options.slidingexpiration = true;
          options.Events.OnRedirectToLogin = (context) =>
          {
              if (Uri.TryCreate(context.Redirecturi,out var absoluteUri))
              {
                  var path = PathString.FromUriComponent(absoluteUri);
                  if (path == context.Request.PathBase + context.Options.LoginPath)
                  {
                      context.Response.Redirect("domain.com/login");
                  }
              }

              return Task.CompletedTask;
          };
      });
}

public void Configure(IApplicationBuilder app,IWebHostEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }
    else
    {
        app.UseExceptionHandler("/Home/Error");
    }

    app.UseStaticfiles();

    app.UseCookiePolicy();
    app.UseAuthentication();
    app.UseAuthorization();

    app.UseEndpoints(endpoints =>
    {
        endpoints.MapControllerRoute(
            name: "default",pattern: "{controller=Home}/{action=Index}/{id?}");
    });
}

我使用此方法,任何用户只需登录一次,就可以访问根据权限列出的所有应用程序。

有人解决吗?非常感谢

swj1363345 回答:共享身份验证Cookie
暂时没有好的解决方案,如果你有好的解决方案,请发邮件至:iooj@foxmail.com
asp.net-coreasp.net-mvcc#
本文链接:https://www.f2er.com/3157413.html

大家都在问