我有两个应用程序,一个是用ASP.NET MVC5编写的旧应用程序,另一个是用ASP.NET Core 2.2编写的新应用程序。我想将在ASP.NET Core应用程序中创建的cookie共享给ASP.NET MVC5。 我尝试了本文 docs.microsoft/zh-cn/aspnet/core/security/cookie-sharing?view=aspnetcore-2.2 ,但我的ASP.NET MVC5似乎找不到曲奇饼。 (也许是因为我没有为用户使用Microsoft.Identity?)使用以下配置(Startup.cs)在ASP.NET Core中创建cookie:
I have two application, the old one written in ASP.NET MVC5 and the new one written in ASP.NET Core 2.2. I want to share the cookie created in the ASP.NET Core application to the ASP.NET MVC5. I tried what is explained in this article docs.microsoft/en-us/aspnet/core/security/cookie-sharing?view=aspnetcore-2.2 but seems that my ASP.NET MVC5 doesn’t find the cookie. (Maybe because I’m not using Microsoft.Identity for the users?) The cookie is created in ASP.NET Core with this configuration (Startup.cs):
public void ConfigureServices(IServiceCollection services) { // Cookie services.Configure<CookiePolicyOptions>(options => { // This lambda determines whether user consent for non-essential cookies is needed for a given request. options.CheckConsentNeeded = context => true; options.MinimumSameSitePolicy = SameSiteMode.None; }); services.AddDataProtection() .PersistKeysToFileSystem(new DirectoryInfo(@"c:\temp\shared-auth-ticket-keys\")) .SetApplicationName(CookieConst.SHARED_APP_NAME); services .AddAuthentication(CookieConst.AUTHENTICATION_TYPE) .AddCookie(CookieConst.AUTHENTICATION_TYPE, options => { options.Cookie.HttpOnly = false; options.LoginPath = new PathString("/login"); options.LogoutPath = new PathString("/login"); options.AccessDeniedPath = new PathString("/login"); options.Cookie.HttpOnly = false; options.Cookie.SameSite = SameSiteMode.None; options.Cookie.Name = CookieConst.AUTHENTICATION_SCHEME; options.Cookie.Path = "/"; options.Cookie.Domain = "localhost"; options.DataProtectionProvider = DataProtectionProvider.Create( new DirectoryInfo(@"c:\temp\shared-auth-ticket-keys\"), (builder) => { builder.SetApplicationName(CookieConst.SHARED_APP_NAME); }).CreateProtector( "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", CookieConst.AUTHENTICATION_TYPE, "v2"); }); … }cookie是使用以下通过登录调用的代码创建的:
The cookie is created with this code called by login:
public void Validate() { AuthenticationProperties authenticationProperties; ClaimsPrincipal principal; string cultureName; var expireTime = DateTimeHelper.GetNowDate().AddMinutes(CookieConst.EXPIRE_TIME_IN_MINUTES); authenticationProperties = new AuthenticationProperties() { AllowRefresh = true, IsPersistent = true, ExpiresUtc = expireTime }; // Add Authentication Cookie var claims = new List<Claim> { new Claim(ClaimTypes.Name, "test"), new Claim(BeanClaimTypes.User, "-1"), new Claim(BeanClaimTypes.Company, "-1"), new Claim(BeanClaimTypes.Roles, "testRole"), new Claim(BeanClaimTypes.Permissions, "testPermission"), new Claim(BeanClaimTypes.Culture, "en-US") }; var identity = new ClaimsIdentity(claims, CookieConst.AUTHENTICATION_TYPE); principal = new ClaimsPrincipal(identity); HttpContext.SignInAsync(CookieConst.AUTHENTICATION_TYPE, principal, authenticationProperties); }在ASP.NET MVC5应用程序中,此配置为(Startup.Auth。 cs):
In the ASP.NET MVC5 application this is the configuration (Startup.Auth.cs):
public void ConfigureAuth(IAppBuilder app) { //// Configure the db context, user manager and signin manager to use a single instance per request //app.CreatePerOwinContext(ApplicationDbContext.Create); //app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create); //app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = CookieConst.AUTHENTICATION_TYPE, CookieName = CookieConst.AUTHENTICATION_SCHEME, LoginPath = new PathString("/Account/Login"), Provider = new CookieAuthenticationProvider { OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>( validateInterval: TimeSpan.FromMinutes(30), regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager)) }, TicketDataFormat = new AspNetTicketDataFormat( new DataProtectorShim( DataProtectionProvider.Create(new DirectoryInfo(@"c:\temp\shared-auth-ticket-keys\"), (builder) => { builder.SetApplicationName(CookieConst.SHARED_APP_NAME); }) .CreateProtector( "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", CookieConst.AUTHENTICATION_TYPE, "v2"))), CookieManager = new ChunkingCookieManager() }); app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); System.Web.Helpers.AntiForgeryConfig.UniqueClaimTypeIdentifier = "schemas.xmlsoap/ws/2005/05/identity/claims/name"; }我不了解CookieAuthenticationOptions的注释部分和Provider属性,因为我我没有使用Microsoft。Identity,而且我不知道如何读取Cookie并解析它以填充ASP.NET MVC5主体。
I don't understand the commented part and Provider property of CookieAuthenticationOptions, because I’m not using Microsoft.Identity and I don’t know how to read the cookie and "parse" it to have the ASP.NET MVC5 principal filled.
什么是我做错了吗? 谢谢
What am I doing wrong? Thanks
推荐答案options.Cookie.Domain = "localhost";
为此本地主机删除此
delete this this for local host
更多推荐
在ASP.NET Core 2.2和ASP之间共享Cookie身份验证。没有Microsoft.Identity的NET MVC 5(.NET Framewor
发布评论