Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Forms Authentication for multiple applications

Reply
Thread Tools

Forms Authentication for multiple applications

 
 
cab0san
Guest
Posts: n/a
 
      02-11-2005
I have several applications all on the same server. I would like them
to all use the same login page.

Example:
http://server1/customers/app1.aspx
http://server1/suppliers/byregion/app2.aspx

I have a login page located in the root of the same server:
http://server1/login.aspx

None of these are virtual directories.

The web.config file for customers/ and suppliers/byregion/ looks like
this:

<authentication mode="Forms">
<forms loginUrl="/login.aspx" name=".ASPXAUTH" timeout="30" path="/"
protection="All">
</forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>

The web.config for the root web looks like this
<authentication mode="Forms">
<forms loginUrl="login.aspx" name=".ASPXAUTH" timeout="30" path="/"
protection="All">
</forms>
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>

Both apps are configured to allow anonymous in iis.

The login page code looks like this:

Dim tkt As FormsAuthenticationTicket
tkt = New FormsAuthenticationTicket(1, Me.txtUser.Text, DateTime.Now(),
DateTime.Now.AddMinutes(30), True, "<group info would go here>")
Dim cookiestr As String
cookiestr = FormsAuthentication.Encrypt(tkt)
Dim ck As HttpCookie
ck = New HttpCookie(".ASPXAUTH", cookiestr)
ck.Expires = tkt.Expiration
ck.Path = "/"
Response.Cookies.Add(ck)
Dim strRedirect As String
strRedirect = Request("ReturnURL")
Response.Redirect(strRedirect)

When I request a page in customers, like
http://server1/customers/app1.aspx, I am redirected to the login page
(good), bet when I click logon and run the above code, it just returns
to the login page again (bad).
The "ReturnURL" is correct, as I have seen in debug mode.

I'm guessing that app1 is rejecting my cookie, and returning me to the
login page again, but why?

I must be missing something simple. Any ideas?

 
Reply With Quote
 
 
 
 
cab0san
Guest
Posts: n/a
 
      02-14-2005
If anyone is interested, I found the answer here.

http://weblogs.asp.net/hernandl/arch...formsauth.aspx

Basically, it had to do with the "IsolateApps" setting and the machine
key settings in the machine.config file.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Multiple applications/multiple web.configs: how to structure a big collection of (seemingly) nested web applications? ASP .Net 3 06-14-2007 09:25 AM
forms authentication -- expired forms cookie vs. not provided forms cookie Eric ASP .Net Security 2 01-27-2006 10:09 PM
Forms based authentication + multiple applications + directory service.... Jéjé ASP .Net 1 10-20-2005 05:23 PM
Forms based authentication + multiple applications + directory service.... Jéjé ASP .Net Security 1 10-20-2005 05:23 PM
Forms authentication across multiple applications and framework versions JC ASP .Net 1 11-05-2003 11:59 PM



Advertisments