Single Sign On Not Working

Discussion in 'ASP .Net' started by andrew@wingspan.info, Feb 6, 2008.

  1. Guest

    Hi

    I am working on an app for a charity, www.encephalitis.info. They need
    an online shop and forums. To that effect, I have set up the following
    subdomains (starter kit used in brackets):

    www.encephalitis.info
    forums.encephalitis.info (yetanotherforum.net starter kit)
    shop.encephalitis.info (dashCommerce.org starter kit)

    For testing purposes, I am using the default asp.net membership and
    role providers, but for the profile providers, I am using
    dashCommerce's and yetanotherforum's profile providers.

    I each web.config, I have set the machineKey to be the same, and have
    given each web app the exact same authentication, membership and role
    sections, as follows:


    <machineKey validationKey='...??...' decryptionKey='...!!...'
    validation='SHA1'/>
    <authentication mode="Forms">
    <forms name=".theApp_Authentication" loginUrl="http://
    www.encephalitis.info/login.aspx" protection="All" timeout="30"
    path="/"/>
    </authentication>
    <roleManager enabled="true">
    <providers>
    <clear/>
    <add name="AspNetSqlRoleProvider" connectionStringName="myConn"
    applicationName="theApp" type="System.Web.Security.SqlRoleProvider"/>
    </providers>
    </roleManager>
    <membership defaultProvider="AspNetSqlMembershipProvider"
    userIsOnlineTimeWindow="15" hashAlgorithmType="">
    <providers>
    <clear/>
    <add connectionStringName="myConn" applicationName="theApp"
    enablePasswordRetrieval="false" enablePasswordReset="true"
    requiresQuestionAndAnswer="true" requiresUniqueEmail="false"
    passwordFormat="Hashed" maxInvalidPasswordAttempts="5"
    passwordAttemptWindow="10" passwordStrengthRegularExpression=""
    minRequiredPasswordLength="4" minRequiredNonalphanumericCharacters="0"
    name="AspNetSqlMembershipProvider"
    type="System.Web.Security.SqlMembershipProvider, System.Web,
    Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
    </providers>
    </membership>


    The result is that single sign on does not work. Can anyone tell me
    what I am doing wrong??

    I thought that by setting the machineKey that each app would read the
    cookies created by the other ones, and therefore perform the login.

    One point, that may be relevant:

    Although the <forms loginUrl="..."> is set to the same url
    (www.encephalitis.info/login.aspx), yetanotherforum.net and
    dashCommerce pretty much hard code their own login pages. The only
    problem with this would be if one subdomain cannot read a cookie
    created by another subdomain, as opposed to the main www.encepahlitis.info.

    I must be missing/misunderstanding something. But what...?!

    Andrew
     
    , Feb 6, 2008
    #1
    1. Advertising

  2. naphong xxx Guest

    It can solve your problem,
    http://forum.yetanotherforum.net/yaf_postsm49557_User-Login.aspx#post49557

    > On Saturday, February 09, 2008 2:24 AM andre wrote:


    > Hi
    >
    > I am working on an app for a charity, www.encephalitis.info. They need
    > an online shop and forums. To that effect, I have set up the following
    > subdomains (starter kit used in brackets):
    >
    > www.encephalitis.info
    > forums.encephalitis.info (yetanotherforum.net starter kit)
    > shop.encephalitis.info (dashCommerce.org starter kit)
    >
    > For testing purposes, I am using the default asp.net membership and
    > role providers, but for the profile providers, I am using
    > dashCommerce's and yetanotherforum's profile providers.
    >
    > I each web.config, I have set the machineKey to be the same, and have
    > given each web app the exact same authentication, membership and role
    > sections, as follows:
    >
    >
    > <machineKey validationKey='...??...' decryptionKey='...!!...'
    > validation='SHA1'/>
    > <authentication mode="Forms">
    > <forms name=".theApp_Authentication" loginUrl="http://
    > www.encephalitis.info/login.aspx" protection="All" timeout="30"
    > path="/"/>
    > </authentication>
    > <roleManager enabled="true">
    > <providers>
    > <clear/>
    > <add name="AspNetSqlRoleProvider" connectionStringName="myConn"
    > applicationName="theApp" type="System.Web.Security.SqlRoleProvider"/>
    > </providers>
    > </roleManager>
    > <membership defaultProvider="AspNetSqlMembershipProvider"
    > userIsOnlineTimeWindow="15" hashAlgorithmType="">
    > <providers>
    > <clear/>
    > <add connectionStringName="myConn" applicationName="theApp"
    > enablePasswordRetrieval="false" enablePasswordReset="true"
    > requiresQuestionAndAnswer="true" requiresUniqueEmail="false"
    > passwordFormat="Hashed" maxInvalidPasswordAttempts="5"
    > passwordAttemptWindow="10" passwordStrengthRegularExpression=""
    > minRequiredPasswordLength="4" minRequiredNonalphanumericCharacters="0"
    > name="AspNetSqlMembershipProvider"
    > type="System.Web.Security.SqlMembershipProvider, System.Web,
    > Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
    > </providers>
    > </membership>
    >
    >
    > The result is that single sign on does not work. Can anyone tell me
    > what I am doing wrong??
    >
    > I thought that by setting the machineKey that each app would read the
    > cookies created by the other ones, and therefore perform the login.
    >
    > One point, that may be relevant:
    >
    > Although the <forms loginUrl="..."> is set to the same url
    > (www.encephalitis.info/login.aspx), yetanotherforum.net and
    > dashCommerce pretty much hard code their own login pages. The only
    > problem with this would be if one subdomain cannot read a cookie
    > created by another subdomain, as opposed to the main www.encepahlitis.info.
    >
    > I must be missing/misunderstanding something. But what...?!
    >
    > Andrew
     
    naphong xxx, Apr 28, 2011
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Cowboy \(Gregory A. Beamer\)

    Single Sign on for web apps on same box

    Cowboy \(Gregory A. Beamer\), Nov 5, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    416
    Cowboy \(Gregory A. Beamer\)
    Nov 5, 2003
  2. Rodney Lane

    Single Sign On Web Site

    Rodney Lane, Nov 17, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    586
    John Saunders
    Nov 17, 2003
  3. Jimmy
    Replies:
    1
    Views:
    985
    Cowboy \(Gregory A. Beamer\)
    Nov 21, 2006
  4. jc
    Replies:
    1
    Views:
    283
    bruce barker
    Mar 2, 2008
  5. Jimmy
    Replies:
    3
    Views:
    2,451
    shimmyshack
    Nov 20, 2006
Loading...

Share This Page