时间戳

首页 > 解决方案 > Aspnet Mvc 5 - 共享 Owin cookie 身份验证在 IIS 8.5 上不起作用

asp.net-mvc - Aspnet Mvc 5 - 共享 Owin cookie 身份验证在 IIS 8.5 上不起作用

问题描述

我在 C# Core 3 和 VB.Net Dotnet Framework MVC 5 站点之间共享 owin ahthentication cookie。

在 IISEXPRESS 中,一切正常,但是当我将其部署到 IIS 8.5 (Windows Server 2012R2) 时,Dotnet Framework MVC 5 站点没有进行身份验证 - Core 3 站点进行了很好的身份验证。

Here's my VB.Net Dotnet Framework MVC 5 code:

Imports Microsoft.AspNetCore.DataProtection
Imports Microsoft.Owin
Imports Microsoft.Owin.Security.Cookies
Imports Microsoft.Owin.Security.Interop
Imports Owin


<Assembly: OwinStartupAttribute(GetType(Startup))>

Partial Public Class Startup

    Public Sub Configuration(app As IAppBuilder)
        Dim CompSharedCookiePath As String = ConfigurationManager.AppSettings("CompSharedCookiePath")

        app.UseCookieAuthentication(New CookieAuthenticationOptions() With {
            .AuthenticationType = "Identity.Application",
            .CookieName = ".CompSso.CompSsoSharedCookie",
            .LoginPath = New PathString("/"),
            .Provider = New CookieAuthenticationProvider() With {
                .OnApplyRedirect = Sub(ctx) ApplyRedirect(ctx)
            },
            .TicketDataFormat = New AspNetTicketDataFormat(
                New DataProtectorShim(
                    DataProtectionProvider.Create(New IO.DirectoryInfo(CompSharedCookiePath), Function(options) (options.SetApplicationName("CompSsoSharedCookie"))).CreateProtector(
                        "Microsoft.AspNetCore.Authentication.Cookies." +
                        "CookieAuthenticationMiddleware",
                        "Identity.Application",
                        "v2"))),
            .CookieManager = New ChunkingCookieManager()
        })

        System.Web.Helpers.AntiForgeryConfig.UniqueClaimTypeIdentifier = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
    End Sub


    Private Shared Sub ApplyRedirect(context As CookieApplyRedirectContext)
        Dim absoluteUri As Uri = Nothing
        If Uri.TryCreate(context.RedirectUri, UriKind.Absolute, absoluteUri) Then
            Dim path = PathString.FromUriComponent(absoluteUri)
            If path = context.OwinContext.Request.PathBase + context.Options.LoginPath Then
                context.RedirectUri = "/Home/Debug"
            End If
        End If

        context.Response.Redirect(context.RedirectUri)
    End Sub

End Class

IIS 8.5 应用程序池是 v4 集成的。

Microsoft.Owin.Host.SystemWeb 已部署。

该站点可以访问分片 cookie 文件夹。

我已遵循以下说明: https ://docs.microsoft.com/en-us/aspnet/core/security/cookie-sharing?view=aspnetcore-3.1

知道为什么它没有获取 cookie 并进行身份验证吗?

谢谢。

标签: asp.net-mvcvb.netcookiesowin

解决方案

推荐阅读