ASP.NET网站和SharePoint之间的FBA身份验证
我们有在Windows 2008 R2上运行的SharePoint 2010网站和在Windows 2012上运行的asp.net网站...不同的服务器...相同的域.
We have SharePoint 2010 site running on Windows 2008 R2 and an asp.net site running on Windows 2012...different servers......same domain.
我需要在两个站点之间共享身份验证.我部署了一个自定义SP登录页面,该页面将对SharePoint进行身份验证,还可以调用Web服务对asp.net网站进行身份验证.
I need to share authentication between the 2 sites. I deployed a custom SP login page that will authenticate SharePoint and can also call a web service to authenticate asp.net site.
问题是,如果我在.net 4.0站点上进行身份验证,并且基于表单的身份验证创建了登录cookie,SharePoint炸弹了(下面的堆栈跟踪).一旦我从asp.net网站删除了FBA登录cookie,SharePoint就会加载而不会出现问题.什么是 导致SharePoint错误,因为FBA cookie存在于同一域中?
The problem is if I authenticate on the .net 4.0 site and a forms based authentication Login cookie is created SharePoint bombs out (stack trace below). As soon as I delete the FBA Login cookie from asp.net site SharePoint will load without issue. What is causing SharePoint to error out because an FBA cookie exists on same domain?
<compilation defaultLanguage="c#" debug="false" batch="false" tempDirectory="c:\net_tmp" targetFramework="4.5">Exception of type 'System.ArgumentException' was thrown.
Parameter name: encodedValue
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.ArgumentException: Exception of type 'System.ArgumentException' was thrown.
Parameter name: encodedValue
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[ArgumentException: Exception of type 'System.ArgumentException' was thrown.
Parameter name: encodedValue]
Microsoft.SharePoint.Administration.Claims.SPClaimEncodingManager.DecodeClaimFromFormsSuffix(String encodedValue) +26073286
Microsoft.SharePoint.Administration.Claims.SPClaimProviderManager.GetProviderUserKey(String encodedIdentityClaimSuffix) +296
Microsoft.SharePoint.SPGlobal.CreateSPRequestAndSetIdentity(SPSite site, String name, Boolean bNotGlobalAdminCode, String strUrl, Boolean bNotAddToContext, Byte[] UserToken, String userName, Boolean bIgnoreTokenTimeout, Boolean bAsAnonymous) +27983081
Microsoft.SharePoint.SPWeb.InitializeSPRequest() +223
Microsoft.SharePoint.WebControls.SPControl.EnsureSPWebRequest(SPWeb web) +365
Microsoft.SharePoint.WebControls.SPControl.SPWebEnsureSPControl(HttpContext context) +520
Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.GetContextWeb(HttpContext context) +27
Microsoft.SharePoint.ApplicationRuntime.SPRequestModule.PostResolveRequestCacheHandler(Object oSender, EventArgs ea) +918
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +80
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +171
我还测试了我在asp.net站点上进行身份验证并将登录cookie域更改为完整子域的情况.在这种情况下,用户在asp.net站点上通过了身份验证,并且SP可以加载,因为它看不到FBA cookie.错误是 仅在将FBA登录名创建为域cookie时抛出.
I have also tested out a situation where I authenticate on the asp.net site and change the login cookie domain to the full sub domain. In this case user is authenticated on asp.net site and SP can load because it doesn't see the FBA cookie. The error is only thrown if FBA Login is created as a domain cookie.