Shared login authentication between two domains?!

Discussion in 'ASP General' started by tanya.wang@gmail.com, Oct 30, 2007.

  1. Guest

    Hi all,

    We have a site called http://www.mydomainxyz.com/ and our network guy
    has set up load balancing with multiple IIS servers. We also have a
    function that allows users to upload photos on our website. Recently
    we found that doing load balancing will cause the upload function not
    workable sometimes and we came up with a plan by creating a specific
    domain (let's say http://upload.mydomainxyz.com/) and linking it to
    our primary web server. We expect that every uploaded pictures will be
    stored under the folder of our primary IIS server. But here comes my
    problem -

    Since all users are required to login before uploading pictures, We
    found that the new domain cannot carry over the login information that
    our www domain already knows. In other words, if our users log in
    http://www.mydomainxyz.com/, they have to login again when they switch
    to the page beginning with upload. Is there any way that these two
    domain can share the same login information without requiring them to
    input login information again?

    The http://upload.mydomainxyz.com/ will only be used for uploading
    pictures only. All other pages we will use the www domain.

    Here is what I did when login to www.mydomainxyz.com -

    <%
    set rs=server.createobject("adodb.recordset")
    sql="select ID, username, pass from registration where username='" &
    request("username") & "' and password='" & request("password")& "'"
    set rs = conn.execute(sql)
    if not rs.eof then
    'Login cookies
    response.cookies("login_situation")="OK"
    response.cookies("login_name")=rs("username")
    response.cookies("login_userid")=rs("Id")
    else
    response.redirect ("../login.asp")
    end if

    %>
    , Oct 30, 2007
    #1
    1. Advertising

  2. <> wrote in message
    news:...
    > Hi all,
    >
    > We have a site called http://www.mydomainxyz.com/ and our network guy
    > has set up load balancing with multiple IIS servers. We also have a
    > function that allows users to upload photos on our website. Recently
    > we found that doing load balancing will cause the upload function not
    > workable sometimes and we came up with a plan by creating a specific
    > domain (let's say http://upload.mydomainxyz.com/) and linking it to
    > our primary web server. We expect that every uploaded pictures will be
    > stored under the folder of our primary IIS server. But here comes my
    > problem -
    >
    > Since all users are required to login before uploading pictures, We
    > found that the new domain cannot carry over the login information that
    > our www domain already knows. In other words, if our users log in
    > http://www.mydomainxyz.com/, they have to login again when they switch
    > to the page beginning with upload. Is there any way that these two
    > domain can share the same login information without requiring them to
    > input login information again?
    >
    > The http://upload.mydomainxyz.com/ will only be used for uploading
    > pictures only. All other pages we will use the www domain.
    >
    > Here is what I did when login to www.mydomainxyz.com -
    >
    > <%
    > set rs=server.createobject("adodb.recordset")
    > sql="select ID, username, pass from registration where username='" &
    > request("username") & "' and password='" & request("password")& "'"
    > set rs = conn.execute(sql)
    > if not rs.eof then
    > 'Login cookies
    > response.cookies("login_situation")="OK"
    > response.cookies("login_name")=rs("username")
    > response.cookies("login_userid")=rs("Id")
    > else
    > response.redirect ("../login.asp")
    > end if
    >
    > %>
    >


    Don't create multiple cookies use a single multi value cookie like this:-

    Set oLogonCookie = Response.Cookies("Logon")
    oLogonCookie("state") = "ok"
    oLogonCookie("username") = rs("username")
    oLogonCookie("userId") = rs("id")
    oLogonCookie.Domain = "mydomainxyz.com"

    Note the domain property above will cause the cookie to be sent with
    requests for any host in the domain (i.e., both upload and www will receive
    the cookie regardless of which created it).

    --
    Anthony Jones - MVP ASP/ASP.NET
    Anthony Jones, Oct 30, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?iso-8859-1?q?Nils Hedstr=f6m

    Sharing login between different domains

    =?iso-8859-1?q?Nils Hedstr=f6m, Jan 24, 2005, in forum: ASP .Net
    Replies:
    2
    Views:
    340
    Steven Cheng[MSFT]
    Jan 25, 2005
  2. Replies:
    10
    Views:
    719
    William Tasso
    Oct 29, 2005
  3. kavili
    Replies:
    0
    Views:
    521
    kavili
    Aug 1, 2006
  4. Can Uzun

    Single Login To Multiple Domains

    Can Uzun, Jun 23, 2005, in forum: ASP .Net Security
    Replies:
    1
    Views:
    121
  5. Corobori

    Copying a file between two domains

    Corobori, Sep 3, 2005, in forum: ASP General
    Replies:
    3
    Views:
    97
    Roland Hall
    Sep 8, 2005
Loading...

Share This Page