Single sign-on with .ASPXAUTH cookie

Discussion in 'ASP .Net Security' started by Andrey Skvortsov, Jun 8, 2004.

  1. How I can issue web forms authentification cookie that can be used by both applications located on same server(server wide asp.net cookie)?I've one users' domain but asp.net encrypts .ASPXAUTH cookies differently for these two applications
    What can I do with it?
     
    Andrey Skvortsov, Jun 8, 2004
    #1
    1. Advertising

  2. Make sure the cookie name and path are the same. Also, in the
    machine.config, it will have the encryption key set to something like :-

    <machineKey validationKey="AutoGenerate,IsolateApps"
    decryptionKey="AutoGenerate,IsolateApps" validation="SHA1" />

    The "isolateApps" means that a different key will be AutoGenerated for
    *each* application. You can either remove the isolateApps option or insert a
    specific key value for it to use.

    --
    - Paul Glavich
    Microsoft MVP - ASP.NET


    "Andrey Skvortsov" <> wrote in message
    news:...
    > How I can issue web forms authentification cookie that can be used by both

    applications located on same server(server wide asp.net cookie)?I've one
    users' domain but asp.net encrypts .ASPXAUTH cookies differently for these
    two applications.
    > What can I do with it?
     
    Paul Glavich [MVP - ASP.NET], Jun 8, 2004
    #2
    1. Advertising

  3. Thanks Paul,don't know about this setting, so ASP.NET supports single sign-on out of the box-wonderful!
     
    Andrey Skvortsov, Jun 9, 2004
    #3
  4. You have a full sample of SSO with Forms here:
    http://weblogs.asp.net/hernandl/archive/2004/06/09/ssoformsauth.aspx

    --
    Hernan de Lahitte
    Lagash Systems S.A.
    http://weblogs.asp.net/hernandl


    This posting is provided "AS IS" with no warranties, and confers no rights.

    "Andrey Skvortsov" <> wrote in message
    news:...
    > How I can issue web forms authentification cookie that can be used by both

    applications located on same server(server wide asp.net cookie)?I've one
    users' domain but asp.net encrypts .ASPXAUTH cookies differently for these
    two applications.
    > What can I do with it?
     
    Hernan de Lahitte, Jun 9, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Cowboy \(Gregory A. Beamer\)

    Single Sign on for web apps on same box

    Cowboy \(Gregory A. Beamer\), Nov 5, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    398
    Cowboy \(Gregory A. Beamer\)
    Nov 5, 2003
  2. Jimmy
    Replies:
    1
    Views:
    962
    Cowboy \(Gregory A. Beamer\)
    Nov 21, 2006
  3. Amir Tohidi
    Replies:
    0
    Views:
    1,207
    Amir Tohidi
    Dec 18, 2007
  4. Kylin

    Meaning ?-----------------> ".ASPXAUTH"

    Kylin, May 17, 2005, in forum: ASP .Net Security
    Replies:
    1
    Views:
    210
    Manohar Kamath
    May 17, 2005
  5. Jimmy
    Replies:
    3
    Views:
    2,429
    shimmyshack
    Nov 20, 2006
Loading...

Share This Page