Re: Forms Authentication: login page in a separate web app

From: Brad (nospam_at_co.lane.or.us)
Date: 11/24/03 

Date: Mon, 24 Nov 2003 11:04:38 -0800

Hari - This is quite possible and in fact we're using it; our portal app
manages all logins for all apps. You should read up on how to do this in
Building Secure Microsoft ASP.NET Applications
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/secnetlpMSDN.asp

"Hari Menon" <anonymous@discussions.microsoft.com> wrote in message
news:042201c3934f$14869690$a401280a@phx.gbl...
> Hi,
>
> I would like to create a WebApp, say MySecurityProvider,
> that just contains a login page that knows how to
> authenticate a user. And I want other web apps, e.g.
> MyTestWebApp, that require authentication to point their
> loginUrl to the login page in my web app.
>
> Is that possible? I tried setting the loginUrl in
> MyTestWebApp to ponit to /MySecurityProvider/login.aspx.
> What happens is that the redirect to the login page
> succeeds and the login goes through as well and the
> cookie gets issued (I set the path to "/" in both the
> RedirectFromLoginPage() as well as in the <forms> tag).
> But the protected resource in MyTestWebApp still cannot
> be accessed. When I access an unprotected resource in
> MyTestWebApp and check the cookies that are set, I do see
> that the auth cookie IS there. But somehow I do not seem
> to be able to access the protected resource on
> MyTestWebApp - it always redirects me to the login page.
>
> Am I doing something wrong or is this not supposed to
> work?

Relevant Pages

  • Authentication Sharing Across Apps
    ... For my part "B" question that I had (Login App was not returning ... authentication to calling app), I found the solution. ... Basically, in both the Login App and Calling App Web.Config, I did ... authenticated connection with SQL server. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: QuickLaunch disappears
    ... I checked the login registery and I am pointing to the corrrect .exe. ... started and App, it crashed and sent a dump to Microsoft (this ... Documents and Settings I see "Lori Csontos" along with a "Lori". ...
    (microsoft.public.windowsxp.general)
  • Re: Session object timout
    ... > specifying your OS and IIS level, but the phenomenon may be caused by the ... > app is running in. ... >> users must go through a login page. ... >> recreating the session object which holds the class I mentioned above. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Permit only one network logon per user
    ... You app is controlling its listener and allowing/disallowing the ... allow a second connection to it using the same creds. ... multiple simultaneous logons with the same username and password ... If user username try to login from a different machine, ...
    (microsoft.public.windows.server.security)
  • Re: Session object timout
    ... Aside from the fact that I kind of like an application timing out for security ... setting of the Application Pool that your ASP.NET app is running in. ... Application pool was introduced in Windows 2003 with IIS 6.0, ... > users must go through a login page. ...
    (microsoft.public.dotnet.framework.aspnet)