Re: asp.net login control using url redirect

From: Rico Wind (usenet_at_rico-wind.dk)
Date: 07/24/05


Date: Sun, 24 Jul 2005 13:02:33 +0200

I finally solved the problem. The solution was very simple as asp.net
2.0 supports cookieless forms authentication by putting the
cookieless="UseUri" attribute in the forms tag in the web.config.

/rw

Dominick Baier [DevelopMentor] wrote:
> Hello Rico,
>
> ah ok -
> yes - you are right. a cookie for www.domain1.com won't be sent to
> www.domain2.com
>
> what you can get to work is that a cookie for xxx.domain.com will be
> sent to yyy.domain.com e.g.
>
> You have to manually issue the cookie and set the Domain property on the
> HttpCookie class accordingly.
>
> but from your requirements i assume that the complete domain name
> changes - this is not supported (not ASP.NET's fault - it is an RFC)
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
>> Hello Dominick and thank you for your answer but I think you
>> misunderstood my problem.
>>
>> Dominick Baier [DevelopMentor] wrote:
>>
>>> Hello Rico,
>>>
>>> so the login control is in a different application on your server??
>>>
>> No the login is an integrated part of the application. The problem is
>> that if i open the site directly from xxx.xxx/application/login.aspx
>> it is functioning as expected, i.e., the user is logged in.
>> If however I include the site in a frame on another site, e.g.,
>> zzz.zzz/myframepage.html the login does not work. I expect that the
>> problem is that the cookie which is automatically created is connected
>> to the zzz.zzz domain and not the xxx.xxx domain, but I am not sure. And
>> even if I am right how do I work around this problem?
>> Note that the zzz.zzz domain does not use any information from the
>> xxx.xxx/application, the only thing is that it should be able to run
>> in a frame.
>> /rw
>>
>>> the resulting authentication cookie is encrypted, with a key that is
>>> unique for each application. So if LoginApp1 creates and encrypts the
>>> cookie MainApp will not be able to decrypt the cookie again.
>>>
>>> You can manually set the key used for enc/decryption and it has to be
>>> the same for both apps.
>>>
>>> Have a look at the machineKey section in machine/web.config. We have
>>> a tool on our website which can generate you the necessary xml
>>> elements - just copy that to all web.configs or machine.config if you
>>> want to have the same key for all apps on the machine.
>>> http://www.develop.com/technology/resourcedetail.aspx?id=78da5ca5-5079-4f8f-99c5-b080117ceac0
>>>
>>> ---------------------------------------
>>> Dominick Baier - DevelopMentor
>>> http://www.leastprivilege.com
>>>
>>>> Hello
>>>>
>>>> I have an asp.net website that uses the login control and a custom
>>>> build membership provider. The site is running fine, but the problem is
>>>> that I cannot use it in a frame from another site. When logging in the
>>>> login screen just reappears. It will however give back a message if a
>>>> wrong username/password combination is given.
>>>> I could of course put the code on the site that uses the frame, but the
>>>> component is to be used from several sites and I would really like to
>>>> keep the code on one server to easily be able to upgrade the
>>>> underlying pages.
>>>> /rw
>
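
Added example, not part of the original posts: with cookieless="UseUri", ASP.NET carries the forms authentication ticket in the URL path as an (F(...)) item instead of a cookie, so the ticket also appears in request logs and Referer headers. The Python sketch below finds and redacts those items in log lines; the log layout, host names and ticket values are constructed for illustration.

```python
import re

# ASP.NET cookieless URLs carry state in one path segment shaped like
# (A(...)S(...)F(...)); the F(...) item is the forms authentication ticket.
COOKIELESS_SEGMENT = re.compile(r"/\((?:[A-Z]\([^()/]*\))+\)(?=/)")
FORMS_ITEM = re.compile(r"F\(([^()/]*)\)")

# Constructed sample lines (method, path, referer); all values are made up.
SAMPLE_LOG = [
    "GET /application/login.aspx -",
    "GET /application/(F(tkt-0001))/default.aspx http://portal.example/myframepage.html",
    "GET /img/logo.png http://app.example/application/(S(k3j2)F(tkt-0002))/report.aspx",
    "GET /application/(S(k3j2))/help.aspx -",
]


def find_tickets(text):
    """Return forms-auth ticket values found inside cookieless URL segments."""
    tickets = []
    for segment in COOKIELESS_SEGMENT.finditer(text):
        tickets.extend(FORMS_ITEM.findall(segment.group(0)))
    return tickets


def redact(text):
    """Blank out F(...) values in cookieless segments; S(...)/A(...) are kept."""
    def scrub(match):
        return FORMS_ITEM.sub("F(REDACTED)", match.group(0))
    return COOKIELESS_SEGMENT.sub(scrub, text)


def audit(lines):
    """Return (numbers of lines exposing a ticket, all lines redacted)."""
    exposed = [n for n, line in enumerate(lines, 1) if find_tickets(line)]
    return exposed, [redact(line) for line in lines]


if __name__ == "__main__":
    exposed, cleaned = audit(SAMPLE_LOG)
    print("lines exposing a ticket:", exposed)
    for line in cleaned:
        print(line)
```

Line 3 of the sample is the case to watch for: the ticket reaches another request's Referer field, not only the application's own path.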