在ASP.Net Webforms和MVC中实现单点登录
我有一个现有的WebForms应用程序,现在我们正在创建一个新的MVC应用程序.他们俩都使用我们自己的自定义提供程序(使用相同的数据库)进行身份验证.
I have an existing WebForms application and we're now creating a new MVC application. They both authenticate using our own custom provider, using the same database.
我可以使用相同的凭据分别成功登录每个应用程序,但是我现在想要实现单点登录(即:如果用户已经登录到app1中,则app2将自动检测用户的设置并确定他已登录).
I can successfully log in in each application separately using the same credentials, but what I now want is to implement a single-sign on (ie: if the user is already logged in in app1, app2 would automatically detect the user's settings and identify him as being logged in).
I have done my homework and read the references here, here and here, amongst others.
到目前为止,我已经执行了以下操作:
So far I have done the following:
-
在两个站点上设置相同的计算机密钥:
Set the same machineKey on both sites:
在两个站点上设置相同的表单身份验证:
Set the same forms auth on both sites:
尽管有所有这些,但我还没有设法使SSO正常工作.我已经管理了单点退出",即当用户退出一个站点时,他已经从另一个站点退出了.
Despite all of this, I haven't managed to get SSO working. I have managed 'Single-sign off', whereby when the user signs off one site, he's signed off from the other.
我有什么想念的吗?
我想要一个仅配置的解决方案,不需要我进行任何编码.
I would like a configuration-only solution, that does not require me to do any coding.
我只是为了关闭而回答自己的问题.
I am answering my own question just for closure's sake.
我的SSO不能正常运行的原因是,现有的主要网站具有自己的Cookie和会话管理器,并且不受Forms身份验证规则的影响.它会呼叫
The reason why my my SSO was not working is because the main, existing website has its own cookie and session manager, and does not play by the rules of Forms authentication. It calls
FormsAuthentication.SignOut();
登录完成后不久.
我在3个不同的网站,MVC和WebForms的混合,不同的管道(集成与经典),我们的自定义成员资格提供程序中尝试了上述配置,并且一切都非常出色.
I tried the configurations mentioned above with 3 different websites, a mixture of MVC and WebForms, different pipelines (integrated vs classic), with our custom membership provider, and it all worked marvellously.
因此,只要您的应用程序不使用表单身份验证做一些有趣的事情,上面定义的步骤就应该起作用.
So the steps defined above should work as long as your application does not do funny things with forms authentication.