P
Purushottam Khandebharad
Hi,
I have to implement single sign on between 2 web application, 1st is
asp.net2.0 web app and 2nd is asp.net 1.1 web app, domains of both the
applications are diff.
I have already configured forms authentication for both the
applications and <<<its working if both the applications are on
"localhost" " >>> but if I try to use 2nd application on different
machine, the forms authentication ticket cookie created by first app is
not recognized by 2nd application.
P.S.: please be clear that i have used
1. same forms auth cookie name for both the apps
2. path is "/" for both
3. protection is "All" for both apps
4. Machine keys are same for both apps.
Configuration and code for bothe apps are as follows
---------------------------------------------------------------------------------------
Asp.net 2.0 App configuration
---------------------------------------------------------------------------------------
<system.web>
<authentication mode="Forms" >
<forms name=".AUTH"
loginUrl="Login.aspx"
protection="All"
domain=""
path="/"
timeout="20"
slidingExpiration="true"
enableCrossAppRedirects="true" />
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
<machineKey
validationKey='5C9D7A8F3E336275166075E596F19EB9B478F771C7FE45B65BF6E9B41BA9575F04672CCC4242B2245200CD0E63A8991CA6BFB2D77FE9C5B0D69889359574C5F3'
decryptionKey='AF96F355CEC57EFD2F996515BF465DD399FAF7B806B2CD55'
validation='SHA1'
decryption='3DES' />
</system.web>
---------------------------------------------------------------------------------------
code on login page login button click
---------------------------------------------------------------------------------------
FormsAuthentication.SetAuthCookie(TextBox1.Text.Trim(), false);
Response.Redirect(FormsAuthentication.GetRedirectUrl(TextBox1.Text.Trim(),
false));
---------------------------------------------------------------------------------------
Configuration for asp.net 1.1 application
---------------------------------------------------------------------------------------
<system.web>
<authentication mode="Forms" >
<forms name=".AUTH"
loginUrl="Login.aspx"
protection="All"
domain=""
path="/"
timeout="20"
slidingExpiration="true"/>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
<machineKey
validationKey='5C9D7A8F3E336275166075E596F19EB9B478F771C7FE45B65BF6E9B41BA9575F04672CCC4242B2245200CD0E63A8991CA6BFB2D77FE9C5B0D69889359574C5F3'
decryptionKey='AF96F355CEC57EFD2F996515BF465DD399FAF7B806B2CD55'
validation='SHA1'/>
</system.web>
If anybody thinks that giving domain names (like "aap1.sso.com" and
"app2.sso.com") will work then let me clear my efforts on that , i
tried setting domain name for asp.net2.0 app in configuration of forms
authentication and it accepts domain name only when i use
cookieless="UseUri" but i am not able to configure domain name on 2nd
app ( asp.net 1.1) still it fails to authenticate when redirected to
2nd app( it asks for login again)
My requirement is bit urgent, it will be helpful if anybody gives me
solution soon
Thanks in advance
Regards,
Purushottam Khandebharad
I have to implement single sign on between 2 web application, 1st is
asp.net2.0 web app and 2nd is asp.net 1.1 web app, domains of both the
applications are diff.
I have already configured forms authentication for both the
applications and <<<its working if both the applications are on
"localhost" " >>> but if I try to use 2nd application on different
machine, the forms authentication ticket cookie created by first app is
not recognized by 2nd application.
P.S.: please be clear that i have used
1. same forms auth cookie name for both the apps
2. path is "/" for both
3. protection is "All" for both apps
4. Machine keys are same for both apps.
Configuration and code for bothe apps are as follows
---------------------------------------------------------------------------------------
Asp.net 2.0 App configuration
---------------------------------------------------------------------------------------
<system.web>
<authentication mode="Forms" >
<forms name=".AUTH"
loginUrl="Login.aspx"
protection="All"
domain=""
path="/"
timeout="20"
slidingExpiration="true"
enableCrossAppRedirects="true" />
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
<machineKey
validationKey='5C9D7A8F3E336275166075E596F19EB9B478F771C7FE45B65BF6E9B41BA9575F04672CCC4242B2245200CD0E63A8991CA6BFB2D77FE9C5B0D69889359574C5F3'
decryptionKey='AF96F355CEC57EFD2F996515BF465DD399FAF7B806B2CD55'
validation='SHA1'
decryption='3DES' />
</system.web>
---------------------------------------------------------------------------------------
code on login page login button click
---------------------------------------------------------------------------------------
FormsAuthentication.SetAuthCookie(TextBox1.Text.Trim(), false);
Response.Redirect(FormsAuthentication.GetRedirectUrl(TextBox1.Text.Trim(),
false));
---------------------------------------------------------------------------------------
Configuration for asp.net 1.1 application
---------------------------------------------------------------------------------------
<system.web>
<authentication mode="Forms" >
<forms name=".AUTH"
loginUrl="Login.aspx"
protection="All"
domain=""
path="/"
timeout="20"
slidingExpiration="true"/>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
<machineKey
validationKey='5C9D7A8F3E336275166075E596F19EB9B478F771C7FE45B65BF6E9B41BA9575F04672CCC4242B2245200CD0E63A8991CA6BFB2D77FE9C5B0D69889359574C5F3'
decryptionKey='AF96F355CEC57EFD2F996515BF465DD399FAF7B806B2CD55'
validation='SHA1'/>
</system.web>
If anybody thinks that giving domain names (like "aap1.sso.com" and
"app2.sso.com") will work then let me clear my efforts on that , i
tried setting domain name for asp.net2.0 app in configuration of forms
authentication and it accepts domain name only when i use
cookieless="UseUri" but i am not able to configure domain name on 2nd
app ( asp.net 1.1) still it fails to authenticate when redirected to
2nd app( it asks for login again)
My requirement is bit urgent, it will be helpful if anybody gives me
solution soon
Thanks in advance
Regards,
Purushottam Khandebharad