Question

我们正在使用Cookie和WsFederation中间件对ADFS服务器进行身份验证。一切都运行正常，但生成cookie总是会话过期。

当用户关闭并重新打开浏览器时，他们需要重新登录。

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType,
            CookieDomain = "...some domain..."
        });

        app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
        {
            MetadataAddress = ConfigurationManager.AppSettings[AdfsMetadataAddress],
            Wtrealm = ConfigurationManager.AppSettings[AppWtRealm],
            UseTokenLifetime = false
        });

为了在浏览器端保持cookie，我们需要做些什么？

非常感谢提前〜

Answer 1

添加CookieAuthenticationProvider，您可以在其中设置到期日期

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType,
        CookieDomain = "...some domain...",
        Provider = new CookieAuthenticationProvider
        {
            OnResponseSignIn = context =>
            {
                context.Properties.ExpiresUtc = DateTimeOffset.UtcNow.AddDays(30);
                context.Properties.IsPersistent = true;
            }
        }
    });

如何避免Owin Federation身份验证的会话过期cookie？

1 个答案: