asp.net mvc - Can a forms authentication cookie .ASPXAUTH be used to assign a user to a MVC 5 OWIN application's context? -


can .aspxauth forms authentication cookie used in mvc 5 owin-based application create user in httpcontext.user property?

both applications share same machinekey , domain/server same. .aspxauth cookie available in mvc 5 application's owincontext.request.cookies collection.

in mvc 5 owin-based project:

you should think several things.

that's how works me:

  1. do things described in this article (see github project)

    • dont forget set "compatibilitymode" machinekey tag in web.config in both projects example <machinekey compatibilitymode="framework20sp1" validationkey="..."/>
    • validationkey, decryptionkey, validation , description should same in both sites.
  2. then had rewrite methods protect

    public string protect(authenticationticket data) {     var ticket = new formsauthenticationticket(         2, data.identity.name,          datetime.now, datetime.now.addminutes(2880), true, "");     var ret = formsauthentication.encrypt(ticket);     return ret; } 

    because ticked described alex yang "dead" (expired), , unprotect

    public authenticationticket unprotect(string protectedtext) {     var ticket = formsauthentication.decrypt(protectedtext);     var mngr = httpcontext.current.getowincontext()                 .getusermanager<appusermanager>();     var user = mngr.findbyname(ticket.name);     var identity = mngr.createidentity(                      user, defaultauthenticationtypes.applicationcookie);     return new authenticationticket(identity, new authenticationproperties()); } 

    because onvalidateidentity didnt work me , alex yang created output new formsauthenticationidentity, needed claimsidentity.

  3. if want use version alex yang, dont forget add method used in onvalidateidentity had forgot describe :) add appuser class

    public async task<claimsidentity> generateuseridentityasync( usermanager<appuser> manager) {     // note authenticationtype must match 1      // defined in cookieauthenticationoptions.authenticationtype     var useridentity =         await manager.createidentityasync(this,             defaultauthenticationtypes.applicationcookie);     // add custom user claims here     return useridentity; } 

after done that, in both sites .aspxauth cookie accepted/generated right.


Comments

Popular posts from this blog

java - Custom OutputStreamAppender not run: LOGBACK: No context given for <MYAPPENDER> -

java - UML - How would you draw a try catch in a sequence diagram? -

c++ - No viable overloaded operator for references a map -