在ASP.NET和WordPress之间共享身份验证

时间:2021-04-26 01:57:18

I'm in a situation where I need to auto-auth users between an ASP.NET website and WordPress. The idea is once you're logged into the ASP.NET website and if you browse the WP pages your logged in automagically and vice versa.

我需要在ASP.NET网站和WordPress之间自动授权用户。这个想法是,一旦你登录到ASP.NET网站,如果你浏览WP页面,你自动登录,反之亦然。

In ASP.NET I can auth users against WP database but that's all I can think of, so the question is.

在ASP.NET中,我可以针对WP数据库授权用户,但这是我能想到的,所以问题是。

-How to enable this by-directional authentication scheme?

- 如何启用此方向认证方案?

-Zubair

3 个解决方案

#1


5  

I had a similar problem, where I had an ASP.net application (third party) and a PHP application (built in-house). I have modified the ASP.net application with just a few lines of code, so that it worked like this:

我遇到了类似的问题,我有一个ASP.net应用程序(第三方)和一个PHP应用程序(内部构建)。我用几行代码修改了ASP.net应用程序,所以它的工作原理如下:

  1. User logs to the ASP.net application
  2. 用户登录到ASP.net应用程序

  3. The ASP.net application sets a session cookie (this is automatic)
  4. ASP.net应用程序设置会话cookie(这是自动的)

  5. Modification: the ASP.net adds a row to the database with the session ID (which is in the cookie) and the username
  6. 修改:ASP.net使用会话ID(位于cookie中)和用户名向数据库添加一行

  7. The PHP application reads the ASP.net session cookie and gets the session ID
  8. PHP应用程序读取ASP.net会话cookie并获取会话ID

  9. The PHP application searches the DB for the session ID and if it is found, it automatically associates the session with the username found
  10. PHP应用程序在数据库中搜索会话ID,如果找到,它会自动将会话与找到的用户名相关联

I also added an expiry time for the sessions, to minimize impersonation possibilies...

我还为会话添加了一个到期时间,以尽量减少模仿的可能性......

#2


0  

There are two different server side scripts and it is hard to create by-directional authentication. Since WP uses cookies, you might try to authenticate users against cookies. creating a mechanism that check if there is valid WP cookies in users machine and then read from cookies to authenticate users.

有两种不同的服务器端脚本,很难创建按方向验证。由于WP使用cookie,您可能会尝试针对cookie对用户进行身份验证。创建一种机制,检查用户计算机中是否存在有效的WP cookie,然后从cookie中读取以验证用户身份。

#3


0  

Send cookies from PHP by SetCookie() method, then read cookies from ASP.Net by reading cookies collection(since the name of the cookie changes). then Decode url.. (in ASP.Net you wil get encrypted url. special caharacters are replaced by(#-->%23 , @--->%40 etc..)

通过SetCookie()方法从PHP发送cookie,然后通过读取cookie集合从ASP.Net读取cookie(因为cookie的名称发生了变化)。然后解码url ..(在ASP.Net中你会得到加密的url。特殊的caharacters被替换为(# - >%23,@ --->%40等...)

#1


5  

I had a similar problem, where I had an ASP.net application (third party) and a PHP application (built in-house). I have modified the ASP.net application with just a few lines of code, so that it worked like this:

我遇到了类似的问题,我有一个ASP.net应用程序(第三方)和一个PHP应用程序(内部构建)。我用几行代码修改了ASP.net应用程序,所以它的工作原理如下:

  1. User logs to the ASP.net application
  2. 用户登录到ASP.net应用程序

  3. The ASP.net application sets a session cookie (this is automatic)
  4. ASP.net应用程序设置会话cookie(这是自动的)

  5. Modification: the ASP.net adds a row to the database with the session ID (which is in the cookie) and the username
  6. 修改:ASP.net使用会话ID(位于cookie中)和用户名向数据库添加一行

  7. The PHP application reads the ASP.net session cookie and gets the session ID
  8. PHP应用程序读取ASP.net会话cookie并获取会话ID

  9. The PHP application searches the DB for the session ID and if it is found, it automatically associates the session with the username found
  10. PHP应用程序在数据库中搜索会话ID,如果找到,它会自动将会话与找到的用户名相关联

I also added an expiry time for the sessions, to minimize impersonation possibilies...

我还为会话添加了一个到期时间,以尽量减少模仿的可能性......

#2


0  

There are two different server side scripts and it is hard to create by-directional authentication. Since WP uses cookies, you might try to authenticate users against cookies. creating a mechanism that check if there is valid WP cookies in users machine and then read from cookies to authenticate users.

有两种不同的服务器端脚本,很难创建按方向验证。由于WP使用cookie,您可能会尝试针对cookie对用户进行身份验证。创建一种机制,检查用户计算机中是否存在有效的WP cookie,然后从cookie中读取以验证用户身份。

#3


0  

Send cookies from PHP by SetCookie() method, then read cookies from ASP.Net by reading cookies collection(since the name of the cookie changes). then Decode url.. (in ASP.Net you wil get encrypted url. special caharacters are replaced by(#-->%23 , @--->%40 etc..)

通过SetCookie()方法从PHP发送cookie,然后通过读取cookie集合从ASP.Net读取cookie(因为cookie的名称发生了变化)。然后解码url ..(在ASP.Net中你会得到加密的url。特殊的caharacters被替换为(# - >%23,@ --->%40等...)