N
news.microsoft.com
Hello Everyone,
Here is my situation:
- build a website with a public portion and multiple secured
applications
- security information is in active directory (user ids) and a database
(roles)
- single-signon is required across all applications
My problem is i can't seem to get single-signon working across multiple
virtual directories ... If i logon i can access secured pages within the
"Logon" virtual directory, but not within other virtual directories ... from
my understanding, as long as the auth cookie's path is "/", it should be
accessible across the entire website .... anyone have any idea what i am
doing wrong? ... here is how i set things up:
VIRTUAL DIRECTORIES
- Public (contains links to the secured applications)
- Logon (if a user access a secured application without logging on, they
will be redirected here)
- Application1 (secured application)
- Application2 (secured application)
PUBLIC VIRTUAL DIRECTORY
- anonymous access in IIS
- web.config has all default setting
LOGON VIRTUAL DIRECTORY
- anonymous access in IIS
- forms authentication
WEB.CONFIG
<authentication mode="Forms">
<forms loginUrl="Default.aspx" name="ldapAuthCookie"
timeout="60" path="/"></forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
SET AUTH COOKIE CODE (executed when the Logon button is clicked):
Dim authTicket As FormsAuthenticationTicket = New
FormsAuthenticationTicket(1, txtUserName.Text, DateTime.Now,
DateTime.Now.AddMinutes(60), False, "", FormsAuthentication.FormsCookiePath)
Dim encryptedTicket As String =
FormsAuthentication.Encrypt(authTicket)
Dim authCookie As HttpCookie = New
HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
Response.Cookies.Add(authCookie)
Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text,
False))
APPLICATION VIRTUAL DIRECTORIES
- anonymous access in IIS
- forms authentication
WEB.CONFIG
<authentication mode="Forms">
<forms loginUrl="/Logon /Default.aspx"
name="ldapAuthCookie"></forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
any help would be appreciated
thanks,
john paddington
Here is my situation:
- build a website with a public portion and multiple secured
applications
- security information is in active directory (user ids) and a database
(roles)
- single-signon is required across all applications
My problem is i can't seem to get single-signon working across multiple
virtual directories ... If i logon i can access secured pages within the
"Logon" virtual directory, but not within other virtual directories ... from
my understanding, as long as the auth cookie's path is "/", it should be
accessible across the entire website .... anyone have any idea what i am
doing wrong? ... here is how i set things up:
VIRTUAL DIRECTORIES
- Public (contains links to the secured applications)
- Logon (if a user access a secured application without logging on, they
will be redirected here)
- Application1 (secured application)
- Application2 (secured application)
PUBLIC VIRTUAL DIRECTORY
- anonymous access in IIS
- web.config has all default setting
LOGON VIRTUAL DIRECTORY
- anonymous access in IIS
- forms authentication
WEB.CONFIG
<authentication mode="Forms">
<forms loginUrl="Default.aspx" name="ldapAuthCookie"
timeout="60" path="/"></forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
SET AUTH COOKIE CODE (executed when the Logon button is clicked):
Dim authTicket As FormsAuthenticationTicket = New
FormsAuthenticationTicket(1, txtUserName.Text, DateTime.Now,
DateTime.Now.AddMinutes(60), False, "", FormsAuthentication.FormsCookiePath)
Dim encryptedTicket As String =
FormsAuthentication.Encrypt(authTicket)
Dim authCookie As HttpCookie = New
HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
Response.Cookies.Add(authCookie)
Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUserName.Text,
False))
APPLICATION VIRTUAL DIRECTORIES
- anonymous access in IIS
- forms authentication
WEB.CONFIG
<authentication mode="Forms">
<forms loginUrl="/Logon /Default.aspx"
name="ldapAuthCookie"></forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
any help would be appreciated
thanks,
john paddington