I am having a problem with setting up SSO between our apps. In the application that creates the cookie I have:

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login"),
        // LogoutPath = new PathString("/Account/Logout"),
        // ExpireTimeSpan = TimeSpan.FromDays(1),
        CookieName = "mycookie",
        CookieDomain = ".mydomain.com",
    });

When testing this locally I get the result I expect
Cookie = Name: mycookie, Domain: .mydomain.com
However when I go to our test environment I get
Cookie = Name: mycookie, Domain: oauth.mydomain.com
Since the cookie has the root of the domain it does not work in the other applications. I have done everything I can think of but it just does not seem to want to use the domain specified in the configuration.
Update: It appears this is a problem when hosting from an IIS7 environment when using SSL. When not using SSL in IIS7 or when deployed to our UAT environment with IIS8 it works as expected.
When using SSL it is also not redirecting correctly. I think this problem is also related.
When I hit http://site.domain.com I am redirected to
http://auth.domain.com/account/login?returnUrl=site.domain.com
as expected, however if SSL is enabled I am redirected to
https://site.domain.com/account/login?returnurl=site.domain.com
Best answer
So it looks like the problem is happening within a firewall/proxy those servers sit behind.
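To confirm where the cookie scope changes, capture the `Set-Cookie` header once directly from the application server and once through the firewall/proxy, then compare both against the configured `CookieDomain`. The following check is an added example, not part of the original question or answer; the sample headers are constructed from the values in the question, and the sibling host `site.mydomain.com` is an assumption.

```python
from http.cookies import SimpleCookie

# Constructed sample headers using the cookie values reported in the question.
LOCAL_HEADER = "mycookie=abc123; Domain=.mydomain.com; Path=/; HttpOnly"
TEST_ENV_HEADER = "mycookie=abc123; Domain=oauth.mydomain.com; Path=/; HttpOnly"


def cookie_domain(set_cookie_header, name):
    """Return the Domain attribute of cookie `name`, or None if it is host-only."""
    jar = SimpleCookie()
    jar.load(set_cookie_header)
    return jar[name]["domain"].lower() or None  # KeyError if the cookie is absent


def sent_to(host, cookie_dom, origin_host):
    """RFC 6265 domain matching: would a browser send the cookie to `host`?"""
    host = host.lower()
    if cookie_dom is None:                 # host-only cookie: exact origin only
        return host == origin_host.lower()
    dom = cookie_dom.lstrip(".")           # a leading dot is ignored by browsers
    return host == dom or host.endswith("." + dom)


def check_sso_cookie(header, name, configured_domain, origin_host, sibling_hosts):
    """Compare the observed cookie scope with the configured CookieDomain."""
    observed = cookie_domain(header, name)
    configured = configured_domain.lower().lstrip(".")
    return {
        "observed_domain": observed,
        # True when the header no longer carries the configured domain
        "rewritten": (observed or "").lstrip(".") != configured,
        # Sibling applications that will never receive the cookie
        "unreachable": [h for h in sibling_hosts
                        if not sent_to(h, observed, origin_host)],
    }


if __name__ == "__main__":
    for label, header in (("local", LOCAL_HEADER), ("test env", TEST_ENV_HEADER)):
        print(label, check_sso_cookie(header, "mycookie", ".mydomain.com",
                                      "oauth.mydomain.com", ["site.mydomain.com"]))
```

If the header captured on the server is correct and the one captured at the browser is not, the change is being made by a device between the two.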