ASP.NET 身份验证和提供程序
我正在尝试从本地主机上的一个网站导航到本地主机上的第二个网站。
这两个网站都有自己的会员提供商。 我正在尝试使用 FormsAuthorizationTicket 从站点 #1 将用户单点登录到站点 #2。
目前我收到此错误: System.Security.Cryptography.CryptographicException:填充无效且无法删除
到目前为止我已采取的步骤包括: 将元素设置为特定键值 将验证和加密的machineKey属性设置为“3DES” 通过日志验证加密票证在 #2 网站中的值与 #1 网站中给出的值相同。
我的代码在这里:
*FormsAuthentication.Initialize();
FormsAuthenticationTicket newTicket = new
FormsAuthenticationTicket(1 // Ticket Version
, Login1.UserName // User Name
, DateTime.Now // Creation Date
, DateTime.Now.AddDays(1) // Expiration Date
, true // Is Persistant
, Login1.UserName); // This should be a list of Roles
string strEncyptedTicket = FormsAuthentication.Encrypt(newTicket);
HttpCookie myCookie = new HttpCookie("cryptCookie", strEncyptedTicket);
myCookie.Values.Add("username", Login1.UserName);
myCookie.Values.Add("cryptTick", strEncyptedTicket);
Response.Cookies.Add(myCookie);*
在网站 #2 中,我创建了一个登陆页面来验证票证并重定向到仅限会员的页面。 在解密期间,我收到上面指定的错误。
这是我在网站 #2 上的登陆页面代码:
*FormsAuthenticationTicket fat2 = FormsAuthentication.Decrypt(Request.Cookies["cryptCookie"].Values["cryptTick"]);
MembershipUser mu = Membership.GetUser(Request.Cookies["cryptCookie"].Values["username"]);
if (mu == null)
{
lblInfo.Text += "member not found";
return;
}
Response.Redirect(@"~\MemberPages\MemberPage.aspx");*
如果有人有想法可以提供帮助,我将很乐意尝试。
I am trying to navigate from one website on my localhost to second website on my localhost.
Both sites have their own membership provider. I'm trying to use a FormsAuthorizationTicket from site #1 to SSO a user into site #2.
Currently I'm getting this error:
System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed
Steps I have taken up to this point include:
Setting the element to specific key values
Set the machineKey attributes of validation and encryption to "3DES"
Verified through logging that the encrypted ticket has the same value in the #2 website as it was given in the #1 website.
My code is here:
*FormsAuthentication.Initialize();
FormsAuthenticationTicket newTicket = new
FormsAuthenticationTicket(1 // Ticket Version
, Login1.UserName // User Name
, DateTime.Now // Creation Date
, DateTime.Now.AddDays(1) // Expiration Date
, true // Is Persistant
, Login1.UserName); // This should be a list of Roles
string strEncyptedTicket = FormsAuthentication.Encrypt(newTicket);
HttpCookie myCookie = new HttpCookie("cryptCookie", strEncyptedTicket);
myCookie.Values.Add("username", Login1.UserName);
myCookie.Values.Add("cryptTick", strEncyptedTicket);
Response.Cookies.Add(myCookie);*
In website #2 I created a landing page to verify the ticket and redirect to a members only page. During decryption is when I get the error specified above.
Here is my landing page code on website #2:
*FormsAuthenticationTicket fat2 = FormsAuthentication.Decrypt(Request.Cookies["cryptCookie"].Values["cryptTick"]);
MembershipUser mu = Membership.GetUser(Request.Cookies["cryptCookie"].Values["username"]);
if (mu == null)
{
lblInfo.Text += "member not found";
return;
}
Response.Redirect(@"~\MemberPages\MemberPage.aspx");*
If anyone has an idea to help I'll be happy to try.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
两个站点需要共享相同的计算机密钥。
Both sites need to share the same machine key.
伊恩是正确的,因为您的站点需要有一个匹配的机器密钥。 此外,您需要确保您的会员提供商具有相同的设置,特别是在密码加密方面。
另外,为什么你完全用代码来处理这个问题? 您应该能够使用两个站点的 Web.Config 非常轻松地配置此功能。 本质上,您正在做大量返工并在不必要的地方引入潜在的问题区域(除非您有此处未说明的原因)。
Ian is correct in that your sites need to have a matching machine key. Also, you need to make sure that your membership providers have the same setting, particularly concerning password encryption.
Also, why are you handling this completely in code? You should be able to configure this functionality withing the Web.Config of both sites very easily. In essence, you are doing a lot of rework and introducing potential problem areas where it is not necessary (unless you have reason that you have not stated here).