好的，所以这是我最终使用的解决方案:

OK, so this is the solution I ended up using:

在原始应用程序(需要身份验证的应用程序；上面的步骤1)中，我将用户重定向到我的登录门户，并将原始URL包含为get参数. 然后，用户输入其详细信息，用户名和密码.

In the original application (the one that needs the authentication; step 1 above) I redirect the user to my login portal, and include the original url as a get parameter. The user then types in their details, username and password.

接下来，服务器端代码对它们进行身份验证，然后重定向到新页面，在该页面中，我将包含请求日期时间(出于安全性)以及加密字符串(包括请求日期时间)的html形式发送回该页面.我要发送回原始表单的数据).

Next, the server-side code authenticates them, and redirects to a new page, where I send back to the page an html form which includes the request datetime (for security) along with a encrypted string (including the datetime of the request) of the data I want sent back to the original form.

我还添加了一个JavaScript post方法，该方法将数据作为表单发布发送到原始url.因为我在两端使用相同的类库，所以我可以使用相同的方法对数据进行加密和解密，并且原始请求应用程序具有所有用户数据，包括检查请求日期时间的能力(我允许从身份验证到原始应用提取之间的时间间隔，请确保在5分钟之内.

I also add a JavaScript post method which sends the data to the original url as a form post. Because I'm using the same class library at both ends, I can encrypt and decrypt the data using the same method and the original requesting application has all the user data, including the ability to check the datetime of the request (I allow a set amount of time between the authentication and the picking up by the original app, making sure these are within say 5 minutes.

工作完成了.

如果有人想要该代码，我可以提供它，只是暂时不带它，如果我记得我会张贴它.

If anyone wants the code, I can provide it, just don't have it with me at the moment, if I remember I'll post it.

这不是最优雅的解决方案，但是它可以工作并且安全，所以我很高兴. :).

Not the most elegant solution, but it works, and it's secure, so I'm happy. :).