C# 共享cookie.net Core 3和Asp.net
尝试通过以下microsoft文档共享身份验证cookie: 这是我的Startup.vb,来自旧的Webforms项目C# 共享cookie.net Core 3和Asp.net,c#,asp.net,asp.net-core,.net-core,blazor,C#,Asp.net,Asp.net Core,.net Core,Blazor,尝试通过以下microsoft文档共享身份验证cookie: 这是我的Startup.vb,来自旧的Webforms项目 <Assembly: OwinStartup("Me", GetType(Startup))> Public Class Startup Public Sub Configuration(ByVal app As IAppBuilder) Dim opt = New CookieAuthenticationOptions
<Assembly: OwinStartup("Me", GetType(Startup))>
Public Class Startup
Public Sub Configuration(ByVal app As IAppBuilder)
Dim opt = New CookieAuthenticationOptions
opt.AuthenticationType = "Identity.Application"
opt.CookieName = ".SSO"
opt.LoginPath = New PathString("/Login.aspx")
opt.CookieDomain = "localhost"
opt.CookieHttpOnly = False
opt.CookieSecure = CookieSecureOption.SameAsRequest
Dim proc = DataProtectionProvider.Create(New DirectoryInfo("c:\Temp\DataKeys"), Function(s) s.SetApplicationName("MyApp")).CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", "Cookies", "v2")
Dim shim = New DataProtectorShim(proc)
opt.CookieManager = New ChunkingCookieManager()
opt.TicketDataFormat = New AspNetTicketDataFormat(shim)
app.UseCookieAuthentication(opt)
End Sub
End Class
公营创业
公共子配置(ByVal应用程序作为IAppBuilder)
Dim opt=新CookieAuthenticationOptions
opt.AuthenticationType=“Identity.Application”
opt.CookieName=“.SSO”
opt.LoginPath=新路径字符串(“/Login.aspx”)
opt.CookieDomain=“localhost”
opt.CookieHttpOnly=False
opt.CookieSecure=CookieSecureOption.SameAsRequest
Dim proc=DataProtectionProvider.Create(新目录信息(“c:\Temp\DataKeys”)、函数s.SetApplicationName(“MyApp”)).CreateProtector(“Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware”、“Cookies”、“v2”)
尺寸垫片=新数据保护器HIM(过程)
opt.CookieManager=New ChunkingCookieManager()
opt.TicketDataFormat=新AspNetTicketDataFormat(垫片)
应用程序UseCookieAuthentication(opt)
端接头
末级
下面是.net core 3应用程序的启动
public class Startup
{
public Startup(IConfiguration configuration, IWebHostEnvironment env)
{
Configuration = configuration;
Environment = env;
}
public IWebHostEnvironment Environment { get; }
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
public void ConfigureServices(IServiceCollection services)
{
services.AddRazorPages();
services.AddServerSideBlazor().AddHubOptions(o =>
{
o.MaximumReceiveMessageSize = 2000 * 1024 * 1024; // 10MB
});
services.AddSingleton<IConfiguration>(Configuration);
services.AddSingleton<IJwtHandler, JwtHandler>();
services.Configure<TokenSettings>(Configuration.GetSection("Token"));
services.AddSingleton<IWebHostEnvironment>(Environment);
services.AddHttpContextAccessor();
services.AddScoped<HttpContextAccessor>();
services.AddFileReaderService();
services.AddTelerikBlazor();
services.AddSweetAlert2();
services.AddSingleton<WeatherForecastService>();
services.Configure<AnimateOptions>(options =>
{
options.Animation = Animations.Fade;
options.Duration = TimeSpan.FromMilliseconds(200);
});
services.AddDataProtection()
.PersistKeysToFileSystem(new System.IO.DirectoryInfo(@"C:\Temp\DataKeys"))
.SetApplicationName("MyApp");
services.AddAuthentication("Identity.Application")
.AddCookie("Identity.Application", options =>
{
options.Cookie = new CookieBuilder
{
Domain = "localhost",
Name = ".SSO",
SameSite = SameSiteMode.Lax,
HttpOnly= false,
SecurePolicy = CookieSecurePolicy.SameAsRequest,
IsEssential = true
};
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
endpoints.MapBlazorHub();
endpoints.MapFallbackToPage("/_Host");
});
}
}
公共类启动
{
公共启动(IConfiguration配置,IWebHostEnvironment环境)
{
配置=配置;
环境=环境;
}
公共IWebHostEnvironment环境{get;}
公共IConfiguration配置{get;}
//此方法由运行时调用。请使用此方法将服务添加到容器中。
//有关如何配置应用程序的更多信息,请访问https://go.microsoft.com/fwlink/?LinkID=398940
public void配置服务(IServiceCollection服务)
{
services.AddRazorPages();
services.AddServerSideBlazor().AddHubOptions(o=>
{
o、 MaximumReceiveMessageSize=2000*1024*1024;//10MB
});
services.AddSingleton(配置);
services.AddSingleton();
services.Configure(Configuration.GetSection(“令牌”));
服务。AddSingleton(环境);
AddHttpContextAccessor();
services.addScope();
AddFileReaderService();
services.AddTelerikBlazor();
services.AddSweetAlert2();
services.AddSingleton();
配置(选项=>
{
options.Animation=Animations.Fade;
options.Duration=TimeSpan.From毫秒(200);
});
services.AddDataProtection()
.PersistKeySystem(新的System.IO.DirectoryInfo(@“C:\Temp\DataKeys”))
.SetApplicationName(“MyApp”);
services.AddAuthentication(“Identity.Application”)
.AddCookie(“Identity.Application”,选项=>
{
options.Cookie=新的CookieBuilder
{
Domain=“localhost”,
Name=“.SSO”,
SameSite=SameSiteMode.Lax,
HttpOnly=false,
SecurePolicy=CookieSecurePolicy.SameAsRequest,
等本质=真
};
});
}
//此方法由运行时调用。请使用此方法配置HTTP请求管道。
public void配置(IApplicationBuilder应用程序、IWebHostEnvironment环境)
{
if(env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
其他的
{
app.UseExceptionHandler(“/Error”);
//默认的HSTS值为30天。您可能希望在生产场景中更改此值,请参阅https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(端点=>
{
endpoints.MapControllers();
endpoints.MapBlazorHub();
endpoints.MapFallbackToPage(“/_主机”);
});
}
}
我登录到遗留Webforms应用程序,一切正常。我尝试导航到.net core 3应用程序,它说我没有经过身份验证,它确实传递了cookie。我不确定我做错了什么?我最终在很大程度上弄明白了这一点 在.net Core 3应用程序上,如果计划从.net Core应用程序生成密钥,则可以删除“DisableAutomaticKeyGeneration()”调用
var proc = DataProtectionProvider.Create(new DirectoryInfo(Configuration["SSO:KeyLocation"].ToString()), (builder) => { builder.SetApplicationName("MyApp").ProtectKeysWithDpapi().DisableAutomaticKeyGeneration(); })
.CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", "Cookies", "v2");
services.AddAuthentication("Identity.Application")
.AddCookie("Identity.Application", options =>
{
options.TicketDataFormat = new TicketDataFormat(proc);
options.SlidingExpiration = true;
options.Cookie = new CookieBuilder
{
Domain = Configuration["SSO:Domain"].ToString(),
Name = ".SSO",
SecurePolicy = CookieSecurePolicy.None,
IsEssential = true,
};
});
在.Net Framework应用程序上,如果web应用程序不是在应用程序池的同一服务帐户下运行,则可以删除“ProtectKeysWithDpapi()”
此外,您需要确保在两个应用程序上都安装了此版本的nuget软件包,
Microsoft.AspNetCore.DataProtection v3.1.3
Dim opt = New CookieAuthenticationOptions
opt.AuthenticationType = "Identity.Application"
opt.CookieName = ".SSO"
opt.LoginPath = New PathString("/Login.aspx")
opt.CookieDomain = ConfigurationManager.AppSettings("SSODomain")
opt.SlidingExpiration = True
Dim proc = DataProtectionProvider.Create(New DirectoryInfo(ConfigurationManager.AppSettings("SSOKeyLocation")), Function(s) s.SetApplicationName("MyApp").SetDefaultKeyLifetime(TimeSpan.FromDays(9000)).ProtectKeysWithDpapi()).CreateProtector("Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware", "Cookies", "v2")
Dim shim = New DataProtectorShim(proc)
opt.TicketDataFormat = New AspNetTicketDataFormat(shim)
app.UseCookieAuthentication(opt)
对于localhost开发/测试,只需将域设置为“localhost”显示您的
启动
类和配置服务
方法您最终找到了吗?我的处境也一样。