We are trying to build a cross-domain single-sign on solution using ASP.NET MVC.
开发者_运维百科Any existing solutions or tutorials available ?
If you web applications are on the same server and same domain then all you need to do is insure that the Validationkey and encryption key are the same in the web config (machineKey).
In your example you will need to append the authentication ticket to the query string, to transport it back to the other domain, for example:
public void Login(string userName, string password)
{
if(AuthenticateUser(userName,password))
{
Response.Redirect(String.format("{0}?{1}={2}"),
Request.QueryString["ReturnUrl"],
FormsAuthentication.FormsCookieName,
FormsAuthentication.GetAuthCookie(userName, false).Value));
}
}
On the local application you have to enable cookieless forms authentication, and allow authenticated users to come from external applications by setting enableCrossAppRedirect.
<authentication mode="Forms">
<forms enableCrossAppRedirect="true" cookieless="useUri" />
</authentication>
Notes:
See also FormsAuthentication.RedirectFromLoginPage - http://msdn.microsoft.com/en-us/library/ka5ffkce.aspx.
In my case ReturnUrl lost domain part of url :(
精彩评论