Hi
I'm trying to use Module Zero as a single-sign on source. I have two MVC 4 websites using forms authentication and want to use the authentication functionality of Module Zero for them.
I've successfully followed this approach with the two MVC4 sites and a sample MVC5 site which uses IdentityProvider (similar to what Module Zero uses) so I can confirm that it works.
<a class="postlink" href="http://www.alexboyang.com/2014/05/28/sso-for-asp-net-mvc4-and-mvc5-web-apps-shared-the-same-domain/">http://www.alexboyang.com/2014/05/28/ss ... me-domain/</a>
But if I apply the same changes to Module Zero it doesn't work, the authentication cookie is decrypted/encrypted successfully but something prevents the authentication to work completely. After applying the changes from the blog, I can't even log in to the Module Zero site from the login page.
If I debug the code, the login is successful, but something in the internals of Module Zero rejects the authentication and always redirects back to the login page.
Any advice ? Thanks
1 Answer(s)
-
0
Hi,
I didn't make it work either, byt you can try to do another approach,
Define a custom data protector,
public class MachineKeyProtector : IDataProtector { private readonly string[] _purpose = { typeof(OAuthAuthorizationServerMiddleware).Namespace, "Access_Token", "v1" }; public byte[] Protect(byte[] userData) { return System.Web.Security.MachineKey.Protect(userData, _purpose); } public byte[] Unprotect(byte[] protectedData) { return System.Web.Security.MachineKey.Unprotect(protectedData, _purpose); } }Then use it like this,
TicketDataFormat = new TicketDataFormat(new MachineKeyProtector()),Can you also share your CookieAuthenticationOptions definition ?
Thanks,
