IFRAME中的Internet Explorer和客戶端證書

[英]Internet Explorer and client certificate in an IFRAME


I'm having a problem with a site that uses client side certificates for authentication. The site contains an iframe which loads a page hosted on a different server. This page also uses the client certificate.

我在使用客戶端證書進行身份驗證的網站遇到問題。該網站包含一個iframe,用於加載托管在其他服務器上的頁面。此頁面還使用客戶端證書。

This works perfectly, except that a hiccup in the "inner page" webserver sometimes causes it to lose the authenticated state of the user (the site in question is ASP.NET). I'm trying to find a way to gracefully recover from this, but I can't get Internet Explorer to retransmit the client certificates by setting HTTP response code and/or WWW-authenticate header. At most, it'll bring up a basic username/password prompt instead.

這很有效,除了“內頁”網絡服務器中的打嗝有時會導致它失去用戶的身份驗證狀態(有問題的站點是ASP.NET)。我正在嘗試找到一種方法來優雅地從中恢復,但我無法通過設置HTTP響應代碼和/或WWW-authenticate標頭來讓Internet Explorer重新傳輸客戶端證書。最多,它會提示一個基本的用戶名/密碼提示。

When I open a new tab in Internet Explorer 8 with the same site, it'll work fine in that tab, but in the original tab the client certificate will only be visible to the "outer" website. Reloading the page doesn't help. My only option is to close that tab and start using a new one..

當我在Internet Explorer 8中使用相同的站點打開一個新選項卡時,它在該選項卡中可以正常工作,但在原始選項卡中,客戶端證書只對“外部”網站可見。重新加載頁面沒有幫助。我唯一的選擇是關閉該選項卡並開始使用新選項卡。

Has anyone seen this behavior in IE before? Is there any way to get it to retransmit the client certificate?

有沒有人在IE之前見過這種行為?有沒有辦法讓它重新傳輸客戶端證書?

1 个解决方案

#1


You will need to add a P3P header to the HTTP response to tell IE that all is okay with the content in the iframe.

您需要向HTTP響應添加一個P3P標頭,告訴IE,iframe中的內容一切正常。

Cache-Control:private
Content-Encoding:gzip
Content-Length:13801
Content-Type:text/html; charset=utf-8
Date:Thu, 18 Aug 2011 16:59:18 GMT
P3P:CP="CAO PSA OUR"
Server:Microsoft-IIS/7.0
Vary:Accept-Encoding
X-AspNet-Version:4.0.30319
X-Powered-By:ASP.NET

You can use Response.AddHeader() to do this.

您可以使用Response.AddHeader()來執行此操作。

Response.AddHeader("P3P", "CP=\"CAO PSA OUR\"")

Response.AddHeader(“P3P”,“CP = \”CAO PSA OUR \“”)

Or you can set it in your web.config if you want it to be site wide.

或者,如果您希望它在站點范圍內,您可以在web.config中進行設置。


注意!

本站翻译的文章,版权归属于本站,未经许可禁止转摘,转摘请注明本文地址:https://www.itdaan.com/blog/2009/06/10/729e8c6d969b28dca1620125e65c1b74.html



 
粤ICP备14056181号  © 2014-2020 ITdaan.com