I am using ASP.NET Core 8 (will upgrade to 9 when released).
I have 2 websites. The first is accessed internally inside the corporate network, using Windows authentication.
The other copy of the same site sits on an external-facing web server and uses cookie authentication.
One of the key issues with this is that when the web site changes, I am required to publish the code in two locations (same code, just different AppSettings.Production.json files).
What I am trying to achieve is, instead of having 2 copies of the same website running 2 different auth schemes, to have just the 1 copy which is using cookies, plus another web site that uses Windows auth, which creates the cookie for the main site automatically based on the current user.
This allows the user to be logged in using a cookie set via the standard login page (outside network) or via the other website using Windows auth (internal access).
To try and achieve this I created a test solution containing 2 web sites:
- ASP.NET Core (MVC) with Windows authentication
- ASP.NET Razor Pages (using the individual accounts auth option)
On the Windows auth site I added the following code in Program.cs:
```csharp
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
    .AddCookie("CookieAuthenticationScheme") // New ************
    .AddNegotiate();
```
and
```csharp
builder.Services.AddDataProtection() // New (Added before var app = builder.Build())
    .PersistKeysToFileSystem(new DirectoryInfo(@"c:KeyLocation"))
    .SetApplicationName("SharedCookieApp");
builder.Services.ConfigureApplicationCookie(options => {
    options.Cookie.Name = ".AspNet.SharedCookie";
});
```
Then in Home/Index I added:
```csharp
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc;

public class HomeController : Controller
{
    public async Task<IActionResult> Index()
    {
        var c = HttpContext;
        var userName = c.User.Identity?.Name;
        if (userName != null)
        {
            userName = "[email protected]"; // Name matches user created in ASP.NET Identity on other site
            IEnumerable<Claim> claims = [new(ClaimTypes.Name, userName)];
            // Issue the cookie under the custom scheme registered in Program.cs
            await c.SignInAsync("CookieAuthenticationScheme", new ClaimsPrincipal(new ClaimsIdentity(claims, "CookieAuthenticationScheme")));
        }
        // Send the browser on to the main (cookie auth) site
        var Referer = Redirect("https://localhost:7207");
        return Referer;
    }
}
```
Then in the main web site using cookies I added the following to Program.cs:
```csharp
builder.Services.AddDataProtection()
    .PersistKeysToFileSystem(new DirectoryInfo(@"c:KeyLocation"))
    .SetApplicationName("SharedCookieApp");
builder.Services.ConfigureApplicationCookie(options => {
    options.Cookie.Name = ".AspNet.SharedCookie";
});
```
However, the cookie created in the Windows auth site doesn’t log in to the main web site.
Any help would be appreciated.
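
Added example, not code from the original post: a Program.cs for the Windows auth site that issues the cookie under the scheme ASP.NET Core Identity reads on the main site ("Identity.Application"), because the scheme name is part of the cookie's data protection purpose and `ConfigureApplicationCookie` only configures that scheme. The key ring path, the `MapWindowsUser` helper and the user id and name it returns are hypothetical placeholders.

```csharp
// Program.cs for the Windows-auth site (added example; assumes web SDK implicit usings).
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Negotiate;
using Microsoft.AspNetCore.DataProtection;

// Name of ASP.NET Core Identity's application cookie scheme, which the main site reads.
const string SharedScheme = "Identity.Application";

var builder = WebApplication.CreateBuilder(args);

// Key ring location and application name must be identical on both sites.
builder.Services.AddDataProtection()
    .PersistKeysToFileSystem(new DirectoryInfo(@"C:\SharedKeyRing")) // hypothetical path
    .SetApplicationName("SharedCookieApp");

builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
    .AddNegotiate()
    // A cookie protected under one scheme name cannot be unprotected by a handler
    // registered under another, so register the handler under the shared scheme.
    .AddCookie(SharedScheme, options =>
    {
        options.Cookie.Name = ".AspNet.SharedCookie";
        options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
    });
builder.Services.AddAuthorization();

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

app.MapGet("/", async (HttpContext ctx) =>
{
    var windowsName = ctx.User.Identity?.Name;
    if (string.IsNullOrEmpty(windowsName)) return Results.Challenge();

    // Id and name must be those of the matching Identity user on the main site.
    var (userId, userName) = MapWindowsUser(windowsName);
    Claim[] claims = [new(ClaimTypes.NameIdentifier, userId), new(ClaimTypes.Name, userName)];
    await ctx.SignInAsync(SharedScheme,
        new ClaimsPrincipal(new ClaimsIdentity(claims, SharedScheme)));
    return Results.Redirect("https://localhost:7207");
}).RequireAuthorization();

app.Run();

// Hypothetical lookup from a Windows account name to an Identity user (constructed values).
static (string Id, string Name) MapWindowsUser(string windowsName) =>
    ("00000000-0000-0000-0000-000000000000", "user@example.test");
```

If the two sites run on different host names rather than two localhost ports, they also need a common `options.Cookie.Domain`. Identity on the main site periodically revalidates the cookie against the user's security stamp, so a cookie carrying only these two claims is rejected at the next validation unless the bridge issues the same claims Identity's own sign-in produces.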