Posted by NC on 09/20/06 17:48

Kim André Akerø wrote:
>
> I'm trying to make my PHP scripts communicate with
> a ASP.NET based authentication solution.
>
> I have $_COOKIE["FormsAuth"], but it's encrypted using
> the FormsAuthentication.Encrypt method.

FormsAuthentication.Encrypt produces a serialized
FormsAuthenticationTicket object...

> Is there a way to decrypt this cookie using PHP?

Yes, but only on Windows. You'll have to define a COM or a DOTNET
object and decrypt the cookie the Windows way, using
FormsAuthentication.Decrypt...

A much simpler solution would be to tweak with the ASP.Net code and
have it explicitly set cookies based on FormsAuthenticationTicket
properties (CookiePath, Expiration, Expired, IsPersistent, IssueDate,
Name, UserData, Version). Something along these lines:

Dim cookie As HttpCookie
cookie = New HttpCookie("Expiration")
cookie.Value = authTicket.Expiration.ToString
Response.Cookies.Add(cookie)

Then, instead of dealing with the serialized object in
$_COOKIE["FormsAuth"], you would be dealing with plain and simple
$_COOKIE['Expiration'].

My guess is that about the only value you really need is Expiration...

Cheers,
NC

• Next in forum: database lookup
• Prev in forum: Re: free PHP editor on linux
• Thread view: Re: FormsAuthentication to PHP

[Reply to this message]