访问另一个url时如何通过用户认证?
假设我有一个网络应用程序 MyApp。当我访问这个网络应用程序时,我输入了用户身份验证信息(用户名和密码),然后从这个网站访问另一个网站,例如 YourSite,它也会要求身份验证。对于两个站点来说,相同的身份验证应该没问题。
所以我想用代码将MyApp上的用户身份验证数据传递到YourSite。然后我编写一个 http 处理程序,如下所示:
public void ProcessRequest(HttpContext context)
{
string url = "http://YourSite/page/...";
HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(url);
CredentialCache myCache = new CredentialCache();
NetworkCredential netCredential = new NetworkCredential("myname", "mypassword", "");
myCache.Add(new Uri(url), "Basic", netCredential);
myCache.Add(new Uri(url), "Digest", netCredential);
myCache.Add(new Uri(url), "Negotiate", netCredential);
myReq.Credentials = myCache;
//.....
}
但我不想在代码中设置用户名和密码,我想将当前用户身份验证数据传递到 YourSite。
如何实现这个要求呢?
==========关于我的情况的Moro信息: MyApp 是在 IIS(Windows 身份验证)上运行的 Asp.NET wep 应用程序。 YourSite 是一个在另一个机器上的 Tomcat 上运行的 Java 应用程序。 这两个应用程序都配置为使用同一 Windows 域服务器上的 Windows Active Directory 用户帐户。
============更多信息: 我将上面的代码更改为(尝试使用当前凭据):
public void ProcessRequest(HttpContext context)
{
string url = "http://YourSite/page/...";
HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(url);
myReq.Credentials = CredentialCache.DefaultCredentials;
//.....
}
但无法通过身份验证。
Suppose I have a web app MyApp. When I access this web app, I have input user authentication info( user name and password), then from this site, want to visit another site say YourSite which will ask authentication too. Same authentication should be fine for both site.
So I want to pass user authentication data on MyApp to YourSite in code. Then I write a http handler like:
public void ProcessRequest(HttpContext context)
{
string url = "http://YourSite/page/...";
HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(url);
CredentialCache myCache = new CredentialCache();
NetworkCredential netCredential = new NetworkCredential("myname", "mypassword", "");
myCache.Add(new Uri(url), "Basic", netCredential);
myCache.Add(new Uri(url), "Digest", netCredential);
myCache.Add(new Uri(url), "Negotiate", netCredential);
myReq.Credentials = myCache;
//.....
}
But I don't want to set user name and password in code, I want to pass current user authentication data to YourSite.
How to implement this request?
==========Moro info about my situation:
MyApp is Asp.NET wep app runing on IIS(windows authentication).
YourSite is a Java app runing on Tomcat on another box.
Both apps are configured to use Windows Active Directory user account on same windows domain server.
============More info:
I change above code as(try to use current credential):
public void ProcessRequest(HttpContext context)
{
string url = "http://YourSite/page/...";
HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(url);
myReq.Credentials = CredentialCache.DefaultCredentials;
//.....
}
but can't passed the authentication.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您能否在 YourSite 页面上使用 MyApp 网站的 1 像素 x 1 像素 iframe,然后通过 javascript/ajax 传递信息?我想我会同意 Darin 的评论并建议使用 OpenID,但这可能是一个选择。我还没有尝试过,所以请告诉我是否有效:)
Could you use a 1 pixel by 1 pixel iframe of the MyApp website on the YourSite page, then pass information via javascript/ajax? I suppose I would go with Darin's comment and suggest OpenID, but this may be an option. I haven't tried it, so let me know if it works :)
如果您的应用程序在同一顶级域(myapp.abc.com 和 yourapp.abc.com)上运行,则只需在应用程序 web.config 中设置即可轻松使用表单身份验证和成员资格提供程序:
Asp.net 表单身份验证和多个域
Scott Gu 的博客
如果域不同,您可以使用 SSO(单点登录)解决方案,例如:
http://singlesignon.codeplex.com/
If your applications are running on the same top level domain (myapp.abc.com and yourapp.abc.com), it would be easy by using Forms Authentication and Membership Provider by just setting in your applications web.config:
Asp.net forms authentication and multiple domains
Scott Gu's Blog
If the domains are different, you could use SSO (sing sign on) solutions like:
http://singlesignon.codeplex.com/