Tuesday, March 6, 2007

Single sign-on between applications with FormsAuthentication

Within ASP.NET, you can use forms authentication in a distributed environment, either across applications on a single server or in a Web farm. When forms authentication is shared across multiple ASP.NET applications, the user doesn't need to re-authenticate when switching between them. To configure your applications to support this, you need to set several attributes in the <forms> section of the configuration file. These settings must match in all applications that take part in the shared forms authentication. The attributes that must match are name, protection and path, together with the <machineKey> section's validationKey, decryptionKey and validation.

The following is an example of how the configuration file can be set up:

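  <configuration>
    <system.web>
      <authentication mode="Forms">
        <!-- name, protection and path must be identical in every participating application -->
        <forms loginUrl="login.aspx"
               name=".ASPXFORMSAUTH"
               protection="All"
               timeout="30"
               path="/" />
      </authentication>
      <!-- validationKey, decryptionKey and validation must also be identical everywhere.
           The values below are published example values: generate your own keys and keep them secret. -->
      <machineKey
          validationKey="C50B3C89CB21F4F1422FF158A5B42D0E8DB8CB5CDA1742572A487D9401E3400267682B202B746511891C1BAF47F8D25C07F6C39A104696DB51F17C529AD3CABE"
          decryptionKey="8A9BE8FD67AF6979E7D20198CFEA50DD3D3799C77AF2B72F"
          validation="SHA1" />
    </system.web>
  </configuration>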

You must use the same keys in <machineKey> on every machine that participates in shared forms authentication; you can use an autogenerated key. The encryption of the cookie data must be exactly the same for the authentication to work.

Note: If you use cookieless authentication, you need to enable EnableCrossAppRedirects for forms authentication.
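One way to check that the settings listed above really are identical in every application, as an added example that is not part of the original post: a Python script that parses each application's web.config and reports the settings that differ. The application names, the TEMPLATE and the short keys are constructed placeholders; keys are compared by SHA-256 fingerprint so the report never shows key material.

```python
import hashlib
import xml.etree.ElementTree as ET

# Attributes the page lists as having to match in every participating application.
REQUIRED = {
    "system.web/authentication/forms": ("name", "protection", "path"),
    "system.web/machineKey": ("validationKey", "decryptionKey", "validation"),
}
SECRET = {"validationKey", "decryptionKey"}  # reported only as fingerprints

def shared_settings(web_config_xml):
    """Return {"element@attr": value} for the must-match settings of one web.config."""
    root = ET.fromstring(web_config_xml)
    found = {}
    for path, attrs in REQUIRED.items():
        elem = root.find(path)
        for attr in attrs:
            value = elem.get(attr) if elem is not None else None
            if value is not None and attr in SECRET:
                # Hex keys are case-insensitive; hash so reports never contain key material.
                value = "sha256:" + hashlib.sha256(value.upper().encode()).hexdigest()[:12]
            found[path.rsplit("/", 1)[-1] + "@" + attr] = value if value is not None else "<unset>"
    return found

def find_mismatches(configs):
    """configs maps app name -> web.config text; returns the settings whose values differ."""
    per_app = {app: shared_settings(xml) for app, xml in configs.items()}
    return {
        setting: {app: vals[setting] for app, vals in per_app.items()}
        for setting in next(iter(per_app.values()))
        if len({vals[setting] for vals in per_app.values()}) > 1
    }

# Constructed sample configs with short placeholder keys, not real key material.
TEMPLATE = """<configuration><system.web>
  <authentication mode="Forms">
    <forms loginUrl="login.aspx" name=".ASPXFORMSAUTH" protection="{prot}" timeout="30" path="/" />
  </authentication>
  <machineKey validationKey="{vkey}" decryptionKey="AABBCCDD" validation="SHA1" />
</system.web></configuration>"""
SAMPLE = {
    "shop": TEMPLATE.format(prot="All", vkey="0011aabb"),
    "forum": TEMPLATE.format(prot="All", vkey="0011AABB"),  # same key, different case
    "admin": TEMPLATE.format(prot="Validation", vkey="FFEE9988"),  # drifted copy
}

if __name__ == "__main__":
    for setting, values in find_mismatches(SAMPLE).items():
        print(setting, values)
```

The script compares only what is written in the files; an attribute missing from a file is reported as `<unset>`.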

If you want to share the Membership, Roles and Profile features between applications, you can set the ApplicationName for each feature to the same name. The ApplicationName can be changed at the provider level in the configuration file, by adding the ApplicationName attribute to the provider, or by setting the ApplicationName property of the features' main classes (Membership, Roles, etc.) to the same name.

 
