Last active
August 17, 2016 14:25
SSO for MVC4 and MVC5 shared the same domain
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using Microsoft.Owin.Security; | |
| using System; | |
| using System.Collections.Generic; | |
| using System.Linq; | |
| using System.Text; | |
| using System.Web.Security; | |
| namespace MVC5.App_Start | |
| { | |
| public class MyTicketDataFormat : ISecureDataFormat<AuthenticationTicket> | |
| { | |
| public string Protect(AuthenticationTicket data) | |
| { | |
| return FormsAuthentication.Encrypt(new FormsAuthenticationTicket(data.Identity.Name, false, -1)); | |
| } | |
| public AuthenticationTicket Unprotect(string protectedText) | |
| { | |
| FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(protectedText); | |
| FormsIdentity identity = new FormsIdentity(ticket); | |
| return new AuthenticationTicket(identity, new AuthenticationProperties()); | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| app.UseCookieAuthentication(new CookieAuthenticationOptions | |
| { | |
| TicketDataFormat = new MyTicketDataFormat(), | |
| CookieDomain = "example.com", | |
| CookieName = "sso", | |
| AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, | |
| LoginPath = new PathString("/Account/Login"), | |
| Provider = new CookieAuthenticationProvider | |
| { | |
| OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>( | |
| validateInterval: TimeSpan.FromMinutes(30), | |
| regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager)) | |
| } | |
| }); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <machineKey | |
| validationKey="2E0155E48D33568B065CCAD56E4DC79AAA92132C796D804A3E122A879FEEAF63BDF42F18F82024CA5455CBA09449A4CA415A1F832CE32F0B5987C76869B487C5" | |
| decryptionKey="7C5B4C77478EDBE37D801FE4BD4228DE74A88DC1E2EFC85B62AE40602FD8B751" | |
| validation="SHA1" | |
| decryption="AES" /> | |
| <authentication mode="Forms"> | |
| <forms loginUrl="~/Account/Login" timeout="2880" name="sso" domain="example.com" /> | |
| </authentication> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <machineKey | |
| validationKey="2E0155E48D33568B065CCAD56E4DC79AAA92132C796D804A3E122A879FEEAF63BDF42F18F82024CA5455CBA09449A4CA415A1F832CE32F0B5987C76869B487C5" | |
| decryptionKey="7C5B4C77478EDBE37D801FE4BD4228DE74A88DC1E2EFC85B62AE40602FD8B751" | |
| validation="SHA1" | |
| decryption="AES" /> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for your code. Where are the ApplicationUserManager and ApplicationUser defined?