Maintaining Authentication across ASP.Net Web Apps

[Os]

Hi,

What would be a good way to maintain authentication across web
applications?

I have an existing application (Framework 1.1) which does the user
authentication. Currently, we have developed another application in
Framework 2.0 which will only allow authenticated users from the
Framework 1.1 application to view the information.

Can anyone advise how I can achieve this?

Thank you!

 

[Chris Crowe [MVP 1997 -> 2006]]

Basically cookies will allow you to handle this type of authentication as
long as the domains are the same.

http://www.mydomain.com/WebApp11
and
http://www.mydomain.com/WebApp20

If you setup a cookie and the path is / then you could read the cookie from
either application.

--

Cheers

Chris Crowe [IIS MVP 1997 -> 2006]
http://blog.crowe.co.nz

 

[Os]

Hi Chris,

Thanks for the reply.

When using cookies, will there be any security issues?
How can I ensure and convince others that the cookie cannot be
replicated to authenticate another user?

 

[Guest]

hi,
There are different way to handle authentication with cookies.
The most secure is to store in the cookie, a crypted user id.
Then that user ide will be store in a databse USER ACCESS table in which you
will have user authentication information based on the crypted ID read from
the cookie

serge
MCP (XP, VB.NET,ASP.NET)

 

[Os]

Thanks Chris and Serge!

I think i have a basic idea of how it is now.

Much appreciated!