Authentication between applications in ASP.NET
Question
I am wondering what the best way to secure our applications is for the following situation. Basically, we have a page where we authenticate users, and once they user has logged in they have an option to select from various applications. My dilemma is how to pass that the user is authenticated from our login page to the various applications. I would also need to pass the user id. Currently we pass an encrypted userid to each application once they sign on. Is there an easier way to do this through forms authentication? The applications are "Applications" in IIS and run under different app pools so I haven't found anyway of passing Sessions between the Membership and the applications.
IIS 7.5 Structure:
-Sites
-Website
-Membership
-Application 1
-Application 2
-Application 3
1 answers
solution1
1 ACCPTED 2011-12-09 16:03:36
There is no way to directly pass a session between applications in separate pools. You'd have to build a transfer mechanism.
If these are internal applications and you have a Windows domain, the simplest way is to use Windows Authentication and avoid the problem altogether.
Barring that, you may want to look at the Enabling Single Sign-on Using ASP.NET article on MSDN.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.