weixin_33688840 2015-06-04 20:40 Acceptance rate: 0%

Same-domain SAML request

I have some web applications on my server which use ADFS for authentication. Let's say these are their URLs:

http://myServer/ManyWebApps/WebApp1
http://myServer/ManyWebApps/WebApp2
http://myServer/ManyWebApps/WebApp3

When the user accesses any URL under the "ManyWebApps" hierarchy, he can freely use the server functions they provide through JavaScript and through the browser without further authentication:

http://myServer/ManyWebApps/Server/Function

Now, I need to detach one of my web apps to a new URL like so:

http://myServer/WebApp1

Will the user still be able to freely access server functions under the "ManyWebApps" hierarchy:

access http://myServer/ManyWebApps/Server/Function from http://myServer/WebApp1

Note: both web applications are still on the same server and work with the same ADFS server. When the user enters http://myServer/WebApp1 he is authenticated, but will he be able to access functions on different web apps on the server without further authentication?

P.S.: I need to access a function without further authentication because making an AJAX request to the function while unauthenticated will cause the AJAX request to be redirected to the ADFS, which it can't handle.


1 answer

  • weixin_33691700 2015-06-05 16:22

    CONFIRMED: The authentication is saved in http://myServer, so no further authentication needs to take place if both apps are on the same domain.

    When sending a request to the server, all of the user's cookies are sent, including the authentication token. If the user doesn't have the token in his cookies, the server will direct him to the ADFS. But since both web applications are under the same server, they share the same cookies, which means once the user has entered any address in the MyServer hierarchy, he can freely enter any in that hierarchy without further authentication.
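
Whether the token reaches `/ManyWebApps/Server/Function` after the move depends on the Domain and Path the cookie was issued with, since browsers pick cookies by the request URL and not by the page that makes the call. The sketch below is an added example, not part of the original answer; it applies the RFC 6265 matching rules to constructed cookies (the name `AuthToken` and the Path values are assumptions, not taken from the asker's ADFS setup).

```javascript
// RFC 6265 section 5.1.3: a host-only cookie needs an exact host match;
// a cookie with a Domain attribute also matches subdomains.
function domainMatches(requestHost, cookie) {
  const host = requestHost.toLowerCase();
  const domain = cookie.domain.toLowerCase();
  if (cookie.hostOnly) return host === domain;
  return host === domain || host.endsWith("." + domain);
}

// RFC 6265 section 5.1.4: the cookie path must be a prefix of the request
// path that ends on a "/" boundary, so /WebApp1 does not cover /WebApp10.
function pathMatches(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Names of the cookies a browser would attach to a request for `url`.
function cookiesSentTo(url, jar) {
  const { protocol, hostname, pathname } = new URL(url);
  return jar
    .filter((c) => domainMatches(hostname, c))
    .filter((c) => pathMatches(pathname, c.path))
    .filter((c) => !c.secure || protocol === "https:")
    .map((c) => c.name);
}

// Constructed sample: the same token issued with two different Path scopes.
const base = { name: "AuthToken", domain: "myserver", hostOnly: true, secure: false };
const rootScoped = [{ ...base, path: "/" }];        // shared by every app on the host
const appScoped = [{ ...base, path: "/WebApp1" }];  // visible to the detached app only

// The AJAX call from the question, made by a page under http://myServer/WebApp1.
const target = "http://myServer/ManyWebApps/Server/Function";

console.log("Path=/        ->", cookiesSentTo(target, rootScoped));
console.log("Path=/WebApp1 ->", cookiesSentTo(target, appScoped));
```

With a root-scoped cookie the call carries the token; with an app-scoped cookie it goes out without one and the server answers with the ADFS redirect the question describes.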
