Forms Authentication Cookie Not Being Recognized
Question
I have a very basic problem here, and absolutely no idea how to handle it.
Basically, forms authentication sets a cookie for my site at "domain.com", and works all fine until a point in my site where I redirect a user to a page at "www.domain.com/page" and then it doesn't recognize the authentication cookie. If works if I manually type in "domain.com/page", or if I go to the site using the full "www.domain.com", but it won't work between the two (with and without the "www" at the front). Is there a way around this?
Thanks for any help you guys can give!
1 answers
solution1
1 2014-01-28 02:09:52
domain.com and www.domain.com are considered 2 different domains. Cookies created in one domain cannot be accessed from another.
There are 2 solutions to this problem:
1) Set the cookie's domain property to .domain.com (notice the . ). With this setting, your cookie will be available to domain.com and domain.com 's sub domains. Check this for more information. In web.config you can do something like this:
<authentication mode="Forms">
<forms domain=".domain.com" />
</authentication>
2) Always redirect to 1 domain when users try to access your site. For example, when a user accesses domain.com/page , you redirect that user to www.domain.com/page => the cookie is always created for www.domain.com and your users always have to access www.domain.com
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.