问题
I have 2 MVC 4 applications deployed on IIS 7.5. I would like to achieve a single sign on all of them. I have following web.config settings in both the applications -
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" enableCrossAppRedirects="true" path="/" name=".MVCAuthCookie" timeout="45" defaultUrl="/" slidingExpiration="false" protection="All" cookieless="UseCookies" />
</authentication>
<machineKey
validationKey="C50B3C89CB21F4F1422FF158A5B42D0E8DB8CB5CDA1742572A487D9401E3400267682B202B746511891C1BAF47F8D25C07F6C39A104696DB51F17C529AD3CABE"
decryptionKey="8A9BE8FD67AF6979E7D20198CFEA50DD3D3799C77AF2B72F"
validation="SHA1" />
<authorization>
<deny users="?" />
</authorization>
When I logged in in the first app and I browse second application in a separate tab, it still takes me to the login page for the second app. I can see in fiddler that the MVCAuthcookie is indeed getting passed with the get request for second application.
What am I missing here?
回答1:
Turns out that I need to set compatibility mode for machinekey element to "Framework20SP2" as stated here - http://msdn.microsoft.com/en-us/library/system.web.configuration.machinekeysection.compatibilitymode.aspx which resolved the issue.
来源:https://stackoverflow.com/questions/23604687/how-to-do-single-sign-on-for-multiple-mvc-4-web-applications-on-iis-7-5