2014-11-22 82 views
3

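Using ASP.Net Identity 2 cookie in Forms Authentication

I have an Owin Identity application and another application set up in a virtual directory. The virtual app is set up using traditional forms authentication, and both Web.configs have the same <machineKey> set. I can log in using the Identity app and can see the resulting cookie. However, when I try to access the virtual app, it says I am not authenticated.

In the Identity app, I have the following setup: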

app.UseCookieAuthentication(new CookieAuthenticationOptions 
{ 
    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, 
    LoginPath = new PathString("/login.aspx"), 
    Provider = new CookieAuthenticationProvider
    {
        // Enables the application to validate the security stamp when the user logs in.
        // This is a security feature which is used when you change a password or add an external login to your account.
        OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
            validateInterval: TimeSpan.FromMinutes(30),
            regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
    }
}); 

And in the virtual app, I have authorization set up as follows:

<authorization> 
     <deny users="?" /> 
</authorization> 

Any pointers to get the virtual app to recognize the cookie set by Identity?

Answer

12

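The cookie contains the authentication ticket. The format of this ticket is different for the cookie authentication middleware than for forms authentication. It is not possible to make FAM read the cookie created by the cookie authentication middleware. That said, you can write your own HTTP module, similar to FAM, to read the cookie created by the cookie authentication middleware, like this.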

using System;
using System.IO;
using System.IO.Compression;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Web;

public class MyHttpModule : IHttpModule
{
    public void Init(HttpApplication context)
    {
        context.AuthenticateRequest += OnApplicationAuthenticateRequest;
    }

    private static void OnApplicationAuthenticateRequest(object sender, EventArgs e)
    {
        var request = HttpContext.Current.Request;
        var cookie = request.Cookies.Get(".AspNet.ApplicationCookie");

        // No cookie on the request: leave it unauthenticated.
        if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            return;

        // The cookie value is Base64Url; convert it back to standard Base64.
        var ticket = cookie.Value;
        ticket = ticket.Replace('-', '+').Replace('_', '/');

        var padding = 3 - ((ticket.Length + 3) % 4);
        if (padding != 0)
            ticket = ticket + new string('=', padding);

        byte[] bytes;
        try
        {
            bytes = Convert.FromBase64String(ticket);

            // Same purposes as the cookie middleware; this only succeeds when
            // both applications share the same <machineKey>.
            bytes = System.Web.Security.MachineKey.Unprotect(bytes,
                "Microsoft.Owin.Security.Cookies.CookieAuthenticationMiddleware",
                "ApplicationCookie", "v1");
        }
        catch (FormatException)
        {
            return; // malformed cookie value: treat as unauthenticated
        }
        catch (CryptographicException)
        {
            return; // tampered cookie or wrong key: treat as unauthenticated
        }

        using (var memory = new MemoryStream(bytes))
        {
            using (var compression = new GZipStream(memory,
                                                    CompressionMode.Decompress))
            {
                using (var reader = new BinaryReader(compression))
                {
                    reader.ReadInt32();                 // format version
                    string authenticationType = reader.ReadString();
                    reader.ReadString();                // name claim type (not used here)
                    reader.ReadString();                // role claim type (not used here)

                    int count = reader.ReadInt32();

                    // "\0" marks a field that was left at its default value.
                    var claims = new Claim[count];
                    for (int index = 0; index != count; ++index)
                    {
                        string type = reader.ReadString();
                        type = type == "\0" ? ClaimTypes.Name : type;

                        string value = reader.ReadString();

                        string valueType = reader.ReadString();
                        valueType = valueType == "\0" ?
                            "http://www.w3.org/2001/XMLSchema#string" :
                            valueType;

                        string issuer = reader.ReadString();
                        issuer = issuer == "\0" ? "LOCAL AUTHORITY" : issuer;

                        string originalIssuer = reader.ReadString();
                        originalIssuer = originalIssuer == "\0" ?
                            issuer : originalIssuer;

                        claims[index] = new Claim(type, value,
                                                  valueType, issuer, originalIssuer);
                    }

                    // The ticket's properties (including its expiry) follow the
                    // claims in the stream and are not read here.
                    var identity = new ClaimsIdentity(claims, authenticationType,
                                                      ClaimTypes.Name, ClaimTypes.Role);

                    var principal = new ClaimsPrincipal(identity);

                    System.Threading.Thread.CurrentPrincipal = principal;
                    HttpContext.Current.User = principal;
                }
            }
        }
    }

    public void Dispose() { }
}

For an explanation of what I did here, please go to my blog entry.

http://lbadri.wordpress.com/2014/11/23/reading-katana-cookie-authentication-middlewares-cookie-from-formsauthenticationmodule/

It is too big to explain here.

+0

Badri, this solution works perfectly. Thank you very much for your answer. – ern 2014-11-23 21:09:47