I am working on a MVC .NET project which uses form authentication. I tried copying the site and publishing it on IIS (separate virtual directory). I saw that I can not be authenticated for two sites at the same time: When I use a site, I automatically disconnect from the other. What should be changed to make the user possible to reach with both? Is this a cookie issue?
I think, because when I inspect the site elements it is clear that _ASPXUUTUP cookie has the same value for both. What should I change?
Is this a cookie issue?
Yes, SSO is very much dependent on which of the two websites they are hosting if they are hosted on the same sub-domain such as site1.example .com and site2.example.com If you need to get the SSO between them, then the domain property is set to the form authenticity to the cookie .example.com and make sure that both the applications have a Only machine keys share:
& lt; Authentication mode = "form" & gt; & Lt; Form security = "all" domain = ".example.com" /> & Lt; / Authentication & gt; & Lt; Machine validity key = "xxxxx" decryption key = "XXX" verification = "SHA1" decryption = "AES" /> If 2 sites are at different top level domains, such as example1.com and example2.com , then you need more work You can get some details to get the cross domain SSL.
Update:
I may have forgotten your question It appears that you do not want SSO among websites, but require different authentication . In this case, you need to have a different cookie name for both of them:
& lt; Forms name = "SITE1AUTH" /> and:
& lt; Form name = "SITE2AUTH" /> 
Comments
Post a Comment