Forms Authentication Fails Between ASP.NET 1.0 and 1.1 Applications (Cookie Decryption Fails)

J

John Saunders

I have an existing ASP.NET 1.0 application at the root of a web site. There
is another 1.0 application in a virtual directory under the root. Forms
Authentication works fine between the two.

When the script maps in the sub-application are changed to use ASP.NET 1.1,
Forms Authentication breaks. In particular, the Forms Authentication cookie
no longer decrypts, so that the AuthenticateRequest handler finds
Request.IsAuthenticated == false. No other changes are made to the
sub-application, which was not recompiled for Framework 1.1, and resetting
the script maps to use ASP.NET 1.0 restores full functionality.

Setting both the root application and the sub-application to use ASP.NET 1.1
also allows the cookie to be decrypted properly.

Both applications have an explicit <machineKey> element in their web.config
files.

We are not ready to upgrade all of our applications to use ASP.NET 1.1. Does
anyone have a solution for this, or any ideas of where I should go from
here?

Thanks,
John Saunders
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top