R
RedEye
Hello,
What I am shooting for is this. I have an asp.net application living on a
web farm and I want to have the user sent to a secure server to handle
logins and updating private information.
What I have done so far is add the machineKey values to the web.config on
all instances of the application in the web farm and in the secured server
version. I am also using sql server to handle session state.
When the user enters the site and is not authenticated they are redirected
(response.redirect("..."))to the secure server to login. Once the user is
authenticated they are then redirected back to the web farm unsecured
version.
When the user successfully logs in I set a persistent cookie
FormsAuthentication.RedirectFromLoginPage(Login1.UserName, True)
Once the user lands back on the unsecured site the user is no longer
authenticated.
I have tested this on my local dev machine and jumping from secure to
unsecured works fine.
The test environment is going between
https://localhost/MyApp and http://localhost:3254/MyApp
Both on the same machine
The production environment is going between
https://secure.mydomain.com and http://MyApp.mydomain.com (Web Farm)
Is there something I forgot to do?
Thanks for any help!
Red
What I am shooting for is this. I have an asp.net application living on a
web farm and I want to have the user sent to a secure server to handle
logins and updating private information.
What I have done so far is add the machineKey values to the web.config on
all instances of the application in the web farm and in the secured server
version. I am also using sql server to handle session state.
When the user enters the site and is not authenticated they are redirected
(response.redirect("..."))to the secure server to login. Once the user is
authenticated they are then redirected back to the web farm unsecured
version.
When the user successfully logs in I set a persistent cookie
FormsAuthentication.RedirectFromLoginPage(Login1.UserName, True)
Once the user lands back on the unsecured site the user is no longer
authenticated.
I have tested this on my local dev machine and jumping from secure to
unsecured works fine.
The test environment is going between
https://localhost/MyApp and http://localhost:3254/MyApp
Both on the same machine
The production environment is going between
https://secure.mydomain.com and http://MyApp.mydomain.com (Web Farm)
Is there something I forgot to do?
Thanks for any help!
Red