如何在 MVC5 中实现 SSO：跨子域共享 Forms 身份验证 Cookie

时间:2017-04-07 11:41:23

标签: c# asp.net asp.net-mvc-5.2

对于 URL xyz.com（第一个 Web 应用程序项目）：用户登录时，我在登录页面中把用户信息写入 Forms 身份验证 cookie：

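 // Build the forms-auth ticket that every site under the shared cookie domain
 // will decrypt in Application_PostAuthenticateRequest. Name is the e-mail,
 // UserData the JSON-serialized CustomPrincipalSerializeModel.
 FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
     1,
     serializeModel.UserEmail,
     DateTime.Now,
     DateTime.Now.AddMinutes(55),   // ticket lifetime; the reading side must check ticket.Expired
     _rememberme,
     userData);

 // Encrypt + sign with this site's <machineKey>. Every site that has to accept
 // this cookie needs the same validationKey/decryptionKey, otherwise Decrypt fails there.
 string encTicket = FormsAuthentication.Encrypt(authTicket);
 HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);

 // Scope the cookie to the domain configured in <forms domain="...">. Without an
 // explicit Domain the browser only returns the cookie to the host that set it,
 // so a.xyz.com never receives a cookie issued by xyz.com (CookieDomain is null
 // when no domain is configured, which keeps the old host-only behaviour).
 faCookie.Domain = FormsAuthentication.CookieDomain;

 // Keep the ticket out of reach of script and off plain HTTP (mirrors <forms requireSSL>).
 faCookie.HttpOnly = true;
 faCookie.Secure = FormsAuthentication.RequireSSL;

 // IsPersistent on the ticket does nothing by itself: unless the cookie carries an
 // Expires the browser discards it at the end of the session.
 if (_rememberme)
 {
     faCookie.Expires = authTicket.Expiration;
 }

 Response.Cookies.Add(faCookie);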

这是Global.asax:

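    /// <summary>
    /// Replaces the principal set by FormsAuthenticationModule with a
    /// <see cref="CustomPrincipal"/> rebuilt from the forms ticket's UserData.
    /// Runs on every request. A missing, tampered, expired or unreadable ticket
    /// leaves the request anonymous instead of half-authenticated or with a null User.
    /// </summary>
    protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
    {
        HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
        {
            // Not logged in, or the cookie was issued for a different host/domain
            // and the browser did not send it here.
            return;
        }

        try
        {
            // Decrypt validates the MAC with this site's <machineKey>; a ticket issued
            // by another site is only accepted when both sites share the same keys.
            FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

            // Decrypt does not reject expired tickets on its own; since this handler
            // builds its own principal, enforce the ticket lifetime here.
            if (authTicket == null || authTicket.Expired)
            {
                SetAnonymousUser();
                return;
            }

            JavaScriptSerializer serializer = new JavaScriptSerializer();
            CustomPrincipalSerializeModel serializeModel =
                serializer.Deserialize<CustomPrincipalSerializeModel>(authTicket.UserData);
            if (serializeModel == null)
            {
                SetAnonymousUser();
                return;
            }

            HttpContext.Current.User = BuildPrincipal(authTicket.Name, serializeModel);
        }
        catch (Exception)
        {
            // Bad MAC, wrong machineKey, malformed JSON, ... => treat as not authenticated.
            // TODO(review): log the exception; silently dropping it hides key mismatches
            // between sites, which is exactly the symptom being debugged.
            SetAnonymousUser();
        }
    }

    // Marks the request as unauthenticated. A null User would make any later
    // User.Identity access throw, so use an empty GenericPrincipal instead.
    private static void SetAnonymousUser()
    {
        HttpContext.Current.User = new GenericPrincipal(new GenericIdentity(string.Empty), new string[0]);
    }

    // Copies the ticket payload into a CustomPrincipal whose identity name is the ticket name.
    private static CustomPrincipal BuildPrincipal(string name, CustomPrincipalSerializeModel model)
    {
        CustomPrincipal user = new CustomPrincipal(name);
        user.UserID = model.UserID;
        user.FirstName = model.FirstName;
        user.LastName = model.LastName;
        user.ProfilePicture = model.ProfilePicture;
        user.UserCode = model.UserCode;
        user.UserEmail = model.UserEmail;
        user.UserType = model.UserType;
        user.Fk_Parent = model.Fk_Parent;
        user.CompanyID = model.CompanyID;
        user.isSASS = model.isSASS;
        user.Commission = model.Commission;
        user.CommissionManager = model.CommissionManager;
        user.ISACount = model.ISACount;
        return user;
    }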

    /// <summary>
    /// Principal contract used by the site: the standard <see cref="IPrincipal"/> plus
    /// the per-user fields carried inside the forms-auth ticket's UserData and
    /// restored on every request.
    /// </summary>
    interface ICustomPrincipal : IPrincipal
    {
        int UserID { get; set; }
        string FirstName { get; set; }
        string LastName { get; set; }
        string ProfilePicture { get; set; }
        Guid UserCode { get; set; }
        string UserEmail { get; set; }
        /// <summary>Numeric value of the UserType enum; the implementation's IsInRole is derived from it.</summary>
        int UserType { get; set; }
        int Fk_Parent { get; set; }
        string CompanyID { get; set; }
        bool? isSASS { get; set; }
        double? Commission { get; set; }
        double? CommissionManager { get; set; }
        int? ISACount { get; set; }
    }

    /// <summary>
    /// Principal rebuilt from the forms-auth ticket on each request. Role membership
    /// is derived from <see cref="UserType"/>: a user has exactly one role, the name
    /// of the UserType enum member whose value equals that property.
    /// </summary>
    public class CustomPrincipal : ICustomPrincipal
    {
        /// <summary>Identity whose name is the e-mail passed to the constructor.</summary>
        public IIdentity Identity { get; private set; }

        /// <summary>Creates a principal identified by <paramref name="email"/>.</summary>
        public CustomPrincipal(string email)
        {
            Identity = new GenericIdentity(email);
        }

        /// <summary>
        /// True when <paramref name="role"/> equals the enum name for <see cref="UserType"/>
        /// (ordinal, case-sensitive comparison). A UserType value with no enum member
        /// has no name and therefore matches no role.
        /// </summary>
        public bool IsInRole(string role)
        {
            string currentRole = Enum.GetName(typeof(UserType), UserType);
            return currentRole == role;
        }

        public int UserID { get; set; }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string ProfilePicture { get; set; }
        public Guid UserCode { get; set; }
        public string UserEmail { get; set; }
        /// <summary>Numeric UserType enum value; see <see cref="IsInRole"/>.</summary>
        public int UserType { get; set; }
        public int Fk_Parent { get; set; }
        public string CompanyID { get; set; }
        public bool? isSASS { get; set; }
        public double? Commission { get; set; }
        public double? CommissionManager { get; set; }
        public int? ISACount { get; set; }
    }

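    /// <summary>
    /// JSON payload stored in the forms ticket's UserData. Must expose every field
    /// that Application_PostAuthenticateRequest copies onto the CustomPrincipal
    /// (the original declaration only had UserID and FirstName, so the mapping of
    /// LastName..ISACount could not compile against it). The property set matches
    /// the second site's model so both sites (de)serialize the same shape.
    /// </summary>
    public class CustomPrincipalSerializeModel
    {
        public int UserID { get; set; }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string ProfilePicture { get; set; }
        public Guid UserCode { get; set; }
        public string UserEmail { get; set; }
        /// <summary>Numeric UserType enum value; drives role checks on the principal.</summary>
        public int UserType { get; set; }
        public int Fk_Parent { get; set; }
        public string CompanyID { get; set; }
        public bool? isSASS { get; set; }
        public double? Commission { get; set; }
        public double? CommissionManager { get; set; }
        public int? ISACount { get; set; }
    }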

下面是 a.xyz.com（第二个 Web 应用程序项目，是 xyz.com 的子域；两个项目都是 MVC5 / C#）的 Global.asax：

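 /// <summary>
    /// Replaces the principal set by FormsAuthenticationModule with a
    /// <see cref="CustomPrincipal"/> rebuilt from the forms ticket's UserData.
    /// Runs on every request. A missing, tampered, expired or unreadable ticket
    /// leaves the request anonymous instead of half-authenticated or with a null User.
    /// </summary>
    protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
    {
        HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
        {
            // Not logged in, or the cookie was issued for a different host/domain
            // and the browser did not send it to this subdomain.
            return;
        }

        try
        {
            // Decrypt validates the MAC with this site's <machineKey>; a ticket issued
            // by xyz.com is only accepted here when both sites share the same keys.
            FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

            // Decrypt does not reject expired tickets on its own; since this handler
            // builds its own principal, enforce the ticket lifetime here.
            if (authTicket == null || authTicket.Expired)
            {
                SetAnonymousUser();
                return;
            }

            JavaScriptSerializer serializer = new JavaScriptSerializer();
            CustomPrincipalSerializeModel serializeModel =
                serializer.Deserialize<CustomPrincipalSerializeModel>(authTicket.UserData);
            if (serializeModel == null)
            {
                SetAnonymousUser();
                return;
            }

            HttpContext.Current.User = BuildPrincipal(authTicket.Name, serializeModel);
        }
        catch (Exception)
        {
            // Bad MAC, wrong machineKey, malformed JSON, ... => treat as not authenticated.
            // TODO(review): log the exception; silently dropping it hides key mismatches
            // between sites, which is exactly the symptom being debugged.
            SetAnonymousUser();
        }
    }

    // Marks the request as unauthenticated. A null User would make any later
    // User.Identity access throw, so use an empty GenericPrincipal instead.
    private static void SetAnonymousUser()
    {
        HttpContext.Current.User = new GenericPrincipal(new GenericIdentity(string.Empty), new string[0]);
    }

    // Copies the ticket payload into a CustomPrincipal whose identity name is the ticket name.
    private static CustomPrincipal BuildPrincipal(string name, CustomPrincipalSerializeModel model)
    {
        CustomPrincipal user = new CustomPrincipal(name);
        user.UserID = model.UserID;
        user.FirstName = model.FirstName;
        user.LastName = model.LastName;
        user.ProfilePicture = model.ProfilePicture;
        user.UserCode = model.UserCode;
        user.UserEmail = model.UserEmail;
        user.UserType = model.UserType;
        user.Fk_Parent = model.Fk_Parent;
        user.CompanyID = model.CompanyID;
        user.isSASS = model.isSASS;
        user.Commission = model.Commission;
        user.CommissionManager = model.CommissionManager;
        user.ISACount = model.ISACount;
        return user;
    }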

    /// <summary>
    /// Principal contract used by the subdomain site: the standard <see cref="IPrincipal"/>
    /// plus the per-user fields carried inside the forms-auth ticket's UserData and
    /// restored on every request.
    /// </summary>
    interface ICustomPrincipal : IPrincipal
    {
        int UserID { get; set; }
        string FirstName { get; set; }
        string LastName { get; set; }
        string ProfilePicture { get; set; }
        Guid UserCode { get; set; }
        string UserEmail { get; set; }
        /// <summary>Numeric value of the UserType enum; the implementation's IsInRole is derived from it.</summary>
        int UserType { get; set; }
        int Fk_Parent { get; set; }
        string CompanyID { get; set; }
        bool? isSASS { get; set; }
        double? Commission { get; set; }
        double? CommissionManager { get; set; }
        int? ISACount { get; set; }
    }

    /// <summary>
    /// Principal rebuilt from the forms-auth ticket on each request. Role membership
    /// is derived from <see cref="UserType"/>: a user has exactly one role, the name
    /// of the UserType enum member whose value equals that property.
    /// </summary>
    public class CustomPrincipal : ICustomPrincipal
    {
        /// <summary>Identity whose name is the e-mail passed to the constructor.</summary>
        public IIdentity Identity { get; private set; }

        /// <summary>Creates a principal identified by <paramref name="email"/>.</summary>
        public CustomPrincipal(string email)
        {
            Identity = new GenericIdentity(email);
        }

        /// <summary>
        /// True when <paramref name="role"/> equals the enum name for <see cref="UserType"/>
        /// (ordinal, case-sensitive comparison). A UserType value with no enum member
        /// has no name and therefore matches no role.
        /// </summary>
        public bool IsInRole(string role)
        {
            string currentRole = Enum.GetName(typeof(UserType), UserType);
            return currentRole == role;
        }

        public int UserID { get; set; }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string ProfilePicture { get; set; }
        public Guid UserCode { get; set; }
        public string UserEmail { get; set; }
        /// <summary>Numeric UserType enum value; see <see cref="IsInRole"/>.</summary>
        public int UserType { get; set; }
        public int Fk_Parent { get; set; }
        public string CompanyID { get; set; }
        public bool? isSASS { get; set; }
        public double? Commission { get; set; }
        public double? CommissionManager { get; set; }
        public int? ISACount { get; set; }
    }

    /// <summary>
    /// JSON payload stored in the forms ticket's UserData and read back by
    /// Application_PostAuthenticateRequest. Both sites must declare the same
    /// property set so the JavaScriptSerializer round-trips the ticket unchanged.
    /// </summary>
    public class CustomPrincipalSerializeModel
    {
        public int UserID { get; set; }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string ProfilePicture { get; set; }
        public Guid UserCode { get; set; }
        public string UserEmail { get; set; }
        /// <summary>Numeric UserType enum value; drives role checks on the principal.</summary>
        public int UserType { get; set; }
        public int Fk_Parent { get; set; }
        public string CompanyID { get; set; }
        public bool? isSASS { get; set; }
        public double? Commission { get; set; }
        public double? CommissionManager { get; set; }
        public int? ISACount { get; set; }
    }

但问题是：在第二个子域上我总是得到空值。上面就是我在 xyz.com 登录时写入、并需要在第二个子域 a.xyz.com 上读取的数据；在第二个子域的 Global.asax 里，authCookie 始终为 null（浏览器根本没有把 cookie 发到该子域）。

那我该怎么解决?

2 个答案:

答案 0 :(得分:0)

我不确定它是否可行，但您可以尝试在 web.config 中这样配置（注意：下面示例中的 requireSSL="false" 会让身份验证 cookie 通过明文 HTTP 发送，生产环境应设为 true，并让所有共享 cookie 的站点都走 HTTPS）：

<forms name="CookieName" loginUrl="~/Account/LogOn" timeout="2880" requireSSL="false" slidingExpiration="false" domain="xyz.com" />

答案 1 :(得分:0)

首先，这只适用于子域名。Cookie 受域绑定，但可以把 cookie 的域设置为父域，这样就能在 a.xyz.com、b.xyz.com 和 xyz.com 之间共享 Cookie。但是，您永远无法与 otherdomain.com 这样的不同域共享。

共享cookie需要两个组件:

  1. 将Cookie域设置为.xyz.com

    <forms ... domain=".xyz.com" />
    

    但这只影响由 FormsAuthentication 自动发出的身份验证 Cookie。如果像问题中那样自己 new HttpCookie 再写入 Response，就必须同样设置该 Cookie 的 .Domain 属性（可直接取 FormsAuthentication.CookieDomain），否则浏览器只会把它发回设置它的那个主机，子域上自然读不到。

  2. 生成计算机密钥（machineKey）并为每个站点配置完全相同的密钥。您可以在 IIS 中转到服务器实例的“功能”视图并双击“计算机密钥”图标来生成。选择验证和加密算法；建议避免使用 MD5 和 SHA1，这两种算法对于此用途已经过时且不安全。然后单击右侧边栏上的“生成密钥”，把生成的值写入每个站点 Web.config 中的如下标记。需要注意：共享 machineKey 意味着任一站点泄露密钥，攻击者就能为所有站点伪造身份验证票据，因此不要把密钥提交到源代码库，并考虑用 aspnet_regiis -pe 加密 web.config 中的 machineKey 节。

    <machineKey validation="HMACSHA256" validationKey="..." decryptionKey="..." />
    

    显然，如果您生成密钥时选择的不是 HMACSHA256，就要把上面的 "HMACSHA256" 换成您实际选择的验证算法。另外各站点 <forms> 元素的 name（即 cookie 名）和 domain 也必须一致，否则即便密钥相同，另一站点也读不到或解不开这个 cookie。