Forms Authentication Single Sign On across applications
Question
I have a parent application in IIS7 which uses Forms authentication. Within that app, I have another application (not virtual directory) which I would like to inherit the parents forms authentication settings.
The authentication in the child app is not working, when i call System.Web.Security.Membership.GetUser() it returns null.
Both the web.configs have the same authentication sections, both are set to have the same machine key and both are using the same app pool. Does anyone else have any more ideas?
Thanks
1 answers
solution1
0 2011-11-24 21:03:03
Without a proper look at the applications its difficult to see what could be happening, however, I do have a suggestion. Previously, I've written a class the encrypts the username in a cookie using something like a session id as a hash.
The next app can then check for the cookie, decrypt the username and authenticate the user.
The only issue with this is the cookie access. It only works for apps with the same parent domain. Eg A cookie of domain.com would be accessible to www.domain.com, app1.domain.com and app2.domain.com.
Another solution, that would get around the domain issue, would be a Shibboleth implementation.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.