M
Mark Farragher
I have a problem with FormsAuthentication:
I have two web applications:
http://localhost/bx/authentication
http://localhost/myapp
I have a 'login' hyperlink in MyApp that opens
http://localhost/bx/authentication/login.aspx in a popup window. The popup
window has a username and password text field and an ok button. The postback
code for the ok button is:
....
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, txtUID.Text, DateTime.Now, DateTime.Now.AddMinutes(30), false,
myPayload);
string ticketstring = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
ticketstring);
Response.Cookies.Add(cookie);
....
The web.config file in both applications has an authentication section:
....
<authentication mode="Forms">
<forms name="BXAuthentication" protection="All" />
</authentication>
....
This does not work. User.Identity is always null in MyApp. The weird thing
is that when I add this code to MyApp's Page_Load method:
Response.Write
(Request.Cookies[FormsAuthentication.FormsCookieName].Value.ToString());
I can actually see the serialized login ticket!! So the cookie is passed
correctly from the popup window to MyApp, but somehow this does not count as
being authenticated. How can I get MyApp to 'accept' the cookie? What am I
missing? Is authentication accross AppDomains possible at all?
Thanks for any help,
Mark
I have two web applications:
http://localhost/bx/authentication
http://localhost/myapp
I have a 'login' hyperlink in MyApp that opens
http://localhost/bx/authentication/login.aspx in a popup window. The popup
window has a username and password text field and an ok button. The postback
code for the ok button is:
....
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, txtUID.Text, DateTime.Now, DateTime.Now.AddMinutes(30), false,
myPayload);
string ticketstring = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
ticketstring);
Response.Cookies.Add(cookie);
....
The web.config file in both applications has an authentication section:
....
<authentication mode="Forms">
<forms name="BXAuthentication" protection="All" />
</authentication>
....
This does not work. User.Identity is always null in MyApp. The weird thing
is that when I add this code to MyApp's Page_Load method:
Response.Write
(Request.Cookies[FormsAuthentication.FormsCookieName].Value.ToString());
I can actually see the serialized login ticket!! So the cookie is passed
correctly from the popup window to MyApp, but somehow this does not count as
being authenticated. How can I get MyApp to 'accept' the cookie? What am I
missing? Is authentication accross AppDomains possible at all?
Thanks for any help,
Mark