Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP General > Shared login authentication between two domains?!

Reply
Thread Tools

Shared login authentication between two domains?!

 
 
tanya.wang@gmail.com
Guest
Posts: n/a
 
      10-30-2007
Hi all,

We have a site called http://www.mydomainxyz.com/ and our network guy
has set up load balancing with multiple IIS servers. We also have a
function that allows users to upload photos on our website. Recently
we found that doing load balancing will cause the upload function not
workable sometimes and we came up with a plan by creating a specific
domain (let's say http://upload.mydomainxyz.com/) and linking it to
our primary web server. We expect that every uploaded pictures will be
stored under the folder of our primary IIS server. But here comes my
problem -

Since all users are required to login before uploading pictures, We
found that the new domain cannot carry over the login information that
our www domain already knows. In other words, if our users log in
http://www.mydomainxyz.com/, they have to login again when they switch
to the page beginning with upload. Is there any way that these two
domain can share the same login information without requiring them to
input login information again?

The http://upload.mydomainxyz.com/ will only be used for uploading
pictures only. All other pages we will use the www domain.

Here is what I did when login to www.mydomainxyz.com -

<%
set rs=server.createobject("adodb.recordset")
sql="select ID, username, pass from registration where username='" &
request("username") & "' and password='" & request("password")& "'"
set rs = conn.execute(sql)
if not rs.eof then
'Login cookies
response.cookies("login_situation")="OK"
response.cookies("login_name")=rs("username")
response.cookies("login_userid")=rs("Id")
else
response.redirect ("../login.asp")
end if

%>

 
Reply With Quote
 
 
 
 
Anthony Jones
Guest
Posts: n/a
 
      10-30-2007
<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> Hi all,
>
> We have a site called http://www.mydomainxyz.com/ and our network guy
> has set up load balancing with multiple IIS servers. We also have a
> function that allows users to upload photos on our website. Recently
> we found that doing load balancing will cause the upload function not
> workable sometimes and we came up with a plan by creating a specific
> domain (let's say http://upload.mydomainxyz.com/) and linking it to
> our primary web server. We expect that every uploaded pictures will be
> stored under the folder of our primary IIS server. But here comes my
> problem -
>
> Since all users are required to login before uploading pictures, We
> found that the new domain cannot carry over the login information that
> our www domain already knows. In other words, if our users log in
> http://www.mydomainxyz.com/, they have to login again when they switch
> to the page beginning with upload. Is there any way that these two
> domain can share the same login information without requiring them to
> input login information again?
>
> The http://upload.mydomainxyz.com/ will only be used for uploading
> pictures only. All other pages we will use the www domain.
>
> Here is what I did when login to www.mydomainxyz.com -
>
> <%
> set rs=server.createobject("adodb.recordset")
> sql="select ID, username, pass from registration where username='" &
> request("username") & "' and password='" & request("password")& "'"
> set rs = conn.execute(sql)
> if not rs.eof then
> 'Login cookies
> response.cookies("login_situation")="OK"
> response.cookies("login_name")=rs("username")
> response.cookies("login_userid")=rs("Id")
> else
> response.redirect ("../login.asp")
> end if
>
> %>
>


Don't create multiple cookies use a single multi value cookie like this:-

Set oLogonCookie = Response.Cookies("Logon")
oLogonCookie("state") = "ok"
oLogonCookie("username") = rs("username")
oLogonCookie("userId") = rs("id")
oLogonCookie.Domain = "mydomainxyz.com"

Note the domain property above will cause the cookie to be sent with
requests for any host in the domain (i.e., both upload and www will receive
the cookie regardless of which created it).

--
Anthony Jones - MVP ASP/ASP.NET


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Shared memory python between two separate shell-launched processes Charles Fox (Sheffield) Python 9 02-12-2011 02:19 PM
Best practices for using forms authentication and security in a hosted env (was: Re: Using a Forms authentication in a shared hosting environment) JEFF ASP .Net 1 11-12-2007 07:00 PM
Strange problem with Forms authentication: After successfull login, login page is still displayed Pascal Blanchard ASP .Net Security 1 08-18-2004 08:36 AM
Strange problem with Forms authentication: After successfull login, login page is still displayed Pascal Blanchard ASP .Net Security 0 08-17-2004 06:26 PM



Advertisments