Web 应用程序和虚拟目录中的应用程序的单点登录

发布于 2024-08-20 22:43:25 字数 592 浏览 3 评论 0原文

为了对 Web 应用程序和虚拟目录中的 Web 应用程序启用单点登录，我将两个应用程序中的 machinekey 设置为相同：

<machineKey validationKey="xxx" decryptionKey="yy" validation="SHA1" />

单点登录工作正常，但现有用户无法再登录；他们的密码被拒绝。父应用程序中的机器密钥曾经是这样的：

<machineKey validationKey="xxx,IsolateApps" decryptionKey="yy,IsolateApps" validation="SHA1" />

我尝试了其他方法来使单点登录工作，但只要密钥包含“IsolateApps”，它就不会。我缺少什么？

我应该补充一点，在会员资格提供程序中，passwordFormat 设置为“加密”。因此，我假设密码是使用包含“IsolateApps”的密钥加密的，现在当它尝试验证密码时，它使用的是不带“IsolateApps”的密钥。仍然不确定如何解决这个问题。有没有一种方法可以将密码的加密密钥与用于身份验证 cookie 的加密密钥分开设置？

原文

To enable single sign-on for a web application and a web application in a virtual directory, I set the machinekey in both apps to the same:

<machineKey validationKey="xxx" decryptionKey="yy" validation="SHA1" />

The single sign on works just fine, but existing users can't sign in any more; their passwords are rejected. The machinekey used to be this in the parent application:

<machineKey validationKey="xxx,IsolateApps" decryptionKey="yy,IsolateApps" validation="SHA1" />

I tried other ways to make single sign on work, but it just won't as long as the keys contain "IsolateApps". What am I missing?

I should add that the in the membership provider, passwordFormat is set to "Encrypted". So I assume the password was encrypted using the key that contained "IsolateApps" and now when it tries to validate the password it's using the key without the "IsolateApps". Still not sure how to solve that problem. Is there maybe a way that I can set the encryption keys for the password separately from the one that is used for the authentication cookie?

分享到QQ

分享到微博