Re: Context.User across sites
From: Ben Waldron (BenWaldron_at_discussions.microsoft.com)
Date: Wed, 7 Sep 2005 15:46:03 -0700
Thanks Dominick. There diesn't seem to be an update on the cookies from 1.0
to 2.0 so looks like it will work.
For others, I found a link that describes what I am looking to do pretty well:
"Dominick Baier [DevelopMentor]" wrote:
> Hello Ben,
> ok - i am not 100% sure if the FormsAuth cookies are compatible between 1.0
> and 2.0, but
> - you have to get that cookie accross to you "other" site (easy if in the
> same domain namespace) - or in other words, the browser has to send the cookie
> to both sites
> - if both apps use the same key for cookie decryption/validation this should
> just work seamlessly.
> generate a <machineKey> element, duplicate this setting in both apps.
> here is a tool to generate the key xml element:
> Dominick Baier - DevelopMentor
> > Dominick-
> > Yes, using Forms auth.
> > Thanks,
> > Ben
> > "Dominick Baier [DevelopMentor]" wrote:
> >> Hello Ben,
> >> are you using FormsAuthentication??
> >> ---------------------------------------
> >> Dominick Baier - DevelopMentor
> >> http://www.leastprivilege.com
> >>> I have a website (ASP.NET 1.0) that is attaching a Principle to
> >>> Context.User (and checking autnetication in the Authenticate_Request
> >>> event.
> >>> I am planning on deploying another site (ASP.NET 2.0) and want
> >>> respect the authentication from the first site. Is it possible to
> >>> do this? I would assume that I would lose the Context across site
> >>> boundaries, but wanted to check to make sure.
> >>> If I can't do this, what is the path of least resistance to unify
> >>> authentication across these sites (Windows authentication is not an
> >>> option)?
> >>> Thanks in advance,
> >>> Ben