Re: Single signon (with FormsAuth) for mutliple web apps

From: Brad (nospam_at_co.lane.or.us)
Date: 09/26/03 

Date: Thu, 25 Sep 2003 17:07:16 -0700

I found the problem....basicaly a brain lapse on my part after being away
from hands-on coding for a few months.
I can access the authentication info just fine but I need to do it in
Application_AuthenticateRequest. Once I did that then everything works as I
expected: Identity is avaialble and IsAuthenticated is true is the user is
logged in.
Brad

"Chris Jackson" <chrisj@mvps.org> wrote in message
news:uHqrDQ3gDHA.2172@TK2MSFTNGP09.phx.gbl...
> In terms of your code, both of your assemblies (one for each we
application)
> are completely separate. One assembly doesn't get to read from the other,
> even though they are in the same App Domain. The ability to read the
cookie
> by both essentially serves as the cross-assembly communication mechanism
> (visualize it as serving a similar function to named pipes); others are
> available, but this is probably the easiest.
>
> One solution I have implemented is to create a custom logon page that
looks
> for a cookie that indicates authentication. If I find a valid cookie, then
I
> go ahead and set up that user as authenticated and return to the page that
> requested the authentication. If I don't, then I display the page as
normal
> and have them enter their user/pass.
>
> --
> Chris Jackson
> Software Engineer
> Microsoft MVP - Windows XP
> Windows XP Associate Expert
> --
> "Brad" <nospam@co.lane.or.us> wrote in message
> news:%23SiEhvtgDHA.3828@tk2msftngp13.phx.gbl...
> > I'm working on single signon for multiple web apps on a single domain.
If
> I
> > authenticate in wepApp1 then I am authenticated in webApp2 however,
> anywhere
> > in the global.asax code of webApp2 the following don't seem to be
> > set/initialized:
> > Request.IsAuthenticated
> > User.Identity
> > The authentication cookie is available in webApp2's global.asax and
> once
> > a form is loaded (i.e. I'm on a pageload event) the values of
> > Request.IsAuthenticated and User.Identity are available.
> >
> > So why would the values of user identity and IsAuthenticated not be
> > avaialble in the global.asax of webApp2?
> >
> >
> > Thanks
> >
> >
> > Brad
> >
> >
> >
>
>

Relevant Pages

  • RE: Forms authentication cookie handling question (C#)
    ... I also replaced all of my ticket authentication code with the ... // Username and or password not found in our database... ... LoginControl's default code logic to generate authentication cookie. ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: Forms Authentication
    ... The DNS entry for my domain was not set corrretly, ... This should have overcome the cookie ... authentication ticketis not correctly set to the domain your ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: Forms authentication cookie handling question (C#)
    ... programmatically generate forms authentication ticket and set it in ASP.NET ... You use the Login control's "Authentication" event to do the user ... LoginControl's default code logic to generate authentication cookie. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: authentication cookie vs session cookie
    ... level of using authentication cookies on the client machines. ... authentication cookie on a manager's machine is stolen and used on a client ... > session variables as it relies on the session cookie that ASP.NET sends to ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: forms authentication cookie problem
    ... authentication cookie. ... what's going on on the server. ... >324488 Forms Authentication and View State Fail ... >characters, the browser will still request the page, but ...
    (microsoft.public.dotnet.framework.aspnet.security)