Bamya dediği gibi, hesaba dahil algoritmaları almak gerekir. Asp.net doğrulama bileti kullanır:

1. Create a serialized forms authentication ticket. A byte array representation of the ticket is created.
2. Sign the forms authentication ticket. The message authentication code (MAC) value for the byte array is computed by using the algorithm and key specified by the validation and validationKey attributes of the machineKey element. By default, the SHA1 algorithm is used.
3. Encrypt forms authentication ticket. The second byte array that has been created is encrypted by using the Encrypt method of the FormsAuthentication class. The Encrypt method internally uses the algorithm and key specified by the decryption and decryptionKey attributes on the machineKey element. ASP.NET version 1.1 uses the 3DES algorithm by default. ASP.NET version 2.0 uses the Rinjdael (AES) algorithm by default.

Öncelikle, sizin machine.config açın ve bir MachineKey girişi ekleyin. Aspnet 2.0 için bir MachineKey jeneratör rasgele oluşturulmuş olanlara göre çözme anahtarı ve doğrulama anahtarını ayarlayın.

Be sure to use the default's, ie. AES and SHA1. Now that you have the AES decrypt key, store it somewhere because you are going to need it on the php side. In your dot net app, go into the web.config and get the forms auth cookie name, usually something like .ASPXAUTH

Şimdi PHP tarafına gidin. Download ve AES şifreleme kütüphanesi kurmak, bu gibi, http://phpseclib.sourceforge.net/documentation/

Sonra PHP böyle bir şey (bu phpsec lib kullanır) yapabilirsiniz:

set_include_path(get_include_path() . PATH_SEPARATOR . 'phpseclib');
include('Crypt/AES.php');

$authCookie = $_COOKIE['_ASPXAUTH'];

echo $authCookie;

$aes = new Crypt_AES();

$aes->setKey('BCDCBE123654F3E365C24E0498346EB95226A307857B9BDE8EBA6198ACF7F03C');

echo $aes->decrypt($authCookie);

Şimdi ne gelen biter İlk pm + SHA1 karma + auth bilet bir bayt temsil olacak. Bunu okunabilir hale getirmek için bir dizeye tefrika bayt dönüştürmek gerekir. Başka birisi bu son aşamada Iluminate miyim?

Eğer şifre çözme algoritması biliyorsanız emin PHP bunu uygulayabilirsiniz.

Dan Microsoft KB

The forms authentication ticket is used to tell the ASP.NET application who you are. Thus, ticket is building block of Forms Authentication's security.

The ticket is encrypted and signed using the configuration element of the server's Machine.config file. ASP.NET 2.0 uses the decryptionKey and the new decryption attribute of the element to encrypt forms authentication tickets. The decryption attribute lets you specify the encryption algorithm to use. ASP.NET 1.1 and 1.0 use 3DES encryption, which is not configurable. Tampering with the ticket value is determined by a failure to decrypt the ticket on the server. As a result, the user will be redirected to the logon page.

If the application is deployed in a Web farm, you must make sure that the configuration files on each server share the same value for the validationKey and decryptionKey attributes in the tag, which are used for hashing and decryption of the ticket respectively. You must do this because you cannot guarantee which server will handle successive requests. For more information about FormsAuthenticationTicket encryption and Web farm deployment considerations, visit the following MSDN Web site:

Peki, ne şifreleme / şifre çözme takip algoritması ve anahtar belirtebilirsiniz. PHP aynı şifre çözme mantığı kullanabilirsiniz.