问题
Sigle-Sign-On between a 4.0 framework application and a 2.0 framework application seems to be broken.
I have an old application built on asp.net framework 2.0 and a new application built on asp.net framework 4.0 and I am attempting configure SSO between the two.
I have done all the proper configruation of setting up the same machine key with identical validationKey, decryptionKey, validation, and decryption attributes as well as identical authentication name, domain, protection, and path attributes.
Strangely, this configuration works fine on my local development machine: - Windows 7 Ultimate (Service Pack 1) - 2.0 app running in app pool set to v2.0 Integrated - 4.0 app running in app pool set to v4.0 Integrated
However, in the deployment server windows event log, I get "Forms authentication failed for the request. Reason: The ticket supplied was invalid.": - Windows Server 2008 R2 Standard (Service Pack 1) - 2.0 app running in app pool set to v2.0 Integrated - 4.0 app running in app pool set to v4.0 Integrated
I have checked, re-checked, and re-re-checked the machine key and authentication configuration on the deployment machine so I know for sure that this is not the issue.
Also, just for the sake of argument, on the deployment server, I even tried setting both applictions forms protection="None" just to see if encryption was the issue and the result is still the same.
Also, on the deployment server, all other v2.0 applications configured with the same SSO settings have no issue. Even those running in different application pools. In short, v2.0 to v2.0 works while v4.0 to v2.0 pukes.
Any suggestions?
回答1:
After several days of desperation this worked: in the 4.0 web.config configuration tag
<appSettings>
<add key="aspnet:UseLegacyFormsAuthenticationTicketCompatibility" value="true" />
<add key="aspnet:UseLegacyEncryption" value="true" />
<add key="aspnet:UseLegacyMachineKeyEncryption" value="true" />
</appSettings>
回答2:
Please see the answer to this question for tips on how to manage encryption between legacy web applications.
回答3:
If adding these appSetting keys doesn't work then try adjusting the Compatibility Mode of the MachineKey element, especially if one of your applications targets .NET 4.5:
http://msdn.microsoft.com/en-us/library/system.web.configuration.machinekeysection.compatibilitymode.aspx
来源:https://stackoverflow.com/questions/12164178/asp-net-forms-authentication-sso-between-4-0-and-2-0-applications