Re: Context.User across sites

From: Ben Waldron (BenWaldron_at_discussions.microsoft.com)
Date: 09/08/05

  • Next message: Phil Rayner: "Re: Directory size - Security ACLs causing Endless loop"
    Date: Wed, 7 Sep 2005 15:46:03 -0700
    
    

    Thanks Dominick. There diesn't seem to be an update on the cookies from 1.0
    to 2.0 so looks like it will work.

    For others, I found a link that describes what I am looking to do pretty well:
    http://weblogs.asp.net/hernandl/archive/2004/06/09/ssoformsauth.aspx

    Thanks,
    Ben

    "Dominick Baier [DevelopMentor]" wrote:

    > Hello Ben,
    >
    > ok - i am not 100% sure if the FormsAuth cookies are compatible between 1.0
    > and 2.0, but
    >
    > - you have to get that cookie accross to you "other" site (easy if in the
    > same domain namespace) - or in other words, the browser has to send the cookie
    > to both sites
    > - if both apps use the same key for cookie decryption/validation this should
    > just work seamlessly.
    >
    > generate a <machineKey> element, duplicate this setting in both apps.
    >
    > here is a tool to generate the key xml element:
    > http://www.develop.com/technology/resourcedetail.aspx?id=78da5ca5-5079-4f8f-99c5-b080117ceac0
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    > > Dominick-
    > >
    > > Yes, using Forms auth.
    > >
    > > Thanks,
    > > Ben
    > > "Dominick Baier [DevelopMentor]" wrote:
    > >
    > >> Hello Ben,
    > >>
    > >> are you using FormsAuthentication??
    > >>
    > >> ---------------------------------------
    > >> Dominick Baier - DevelopMentor
    > >> http://www.leastprivilege.com
    > >>> I have a website (ASP.NET 1.0) that is attaching a Principle to
    > >>> Context.User (and checking autnetication in the Authenticate_Request
    > >>> event.
    > >>>
    > >>> I am planning on deploying another site (ASP.NET 2.0) and want
    > >>> respect the authentication from the first site. Is it possible to
    > >>> do this? I would assume that I would lose the Context across site
    > >>> boundaries, but wanted to check to make sure.
    > >>>
    > >>> If I can't do this, what is the path of least resistance to unify
    > >>> authentication across these sites (Windows authentication is not an
    > >>> option)?
    > >>>
    > >>> Thanks in advance,
    > >>> Ben
    >
    >
    >
    >


  • Next message: Phil Rayner: "Re: Directory size - Security ACLs causing Endless loop"

    Relevant Pages