Re: forms authentication across multiple web servers

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 11/24/05

Next message: Roel: "Re: forms authentication across multiple web servers"
Previous message: Roel: "forms authentication across multiple web servers"
In reply to: Roel: "forms authentication across multiple web servers"
Next in thread: Roel: "Re: forms authentication across multiple web servers"
Reply: Roel: "Re: forms authentication across multiple web servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 24 Nov 2005 08:04:06 -0800

Hello Roel,

what are the names of the machines from a client (=IE) perspective...

A RFC compliant browser does not send a cookie form serverA.domain.com to
serverB.domain.com - you have to adjust the domain attribute in the <forms>
configuration to ".domain.com" - this means IE sends the cookie to all servers
under the "domain.com" namespace.

though i am not sure if this is already there in 1.1 - otherwise issue the
cookie manually and set the .Domain property

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hi,
>
> I want to provide a single sign on for 2 web applications hosted in
> different environments.
> I set the machinekey to the same value in both web.config files (also
> i set
> them to the same value in the machine.config files). The
> <authentication
> mode="Forms" > section is exactly the same in both applications:
> <authentication mode="Forms" >
> <forms name=".EuphAc" loginUrl="Main/loginForm.aspx"
> protection="All"
> timeout="60" />
> </authentication>
> The only time this works is if I do it on the same physical machine: 2
> web applications sharing the same machinekey in web.config section and
> <authentication mode="Forms" > section.
>
> If I try the same moving application 2 to another server (including
> the web.config file which stays the same), or to localhost, I can
> login on one system but it does not login on the other system.
>
> (Strange thing was it sometimes seemed(!) that it worked but after 1
> second it redirected me back to the login page.)
>
> I hope I'm somewhat clear.....
>
> What am I doing wrong ?
>
> Any help much appreciated!
>
> Roel
>

Next message: Roel: "Re: forms authentication across multiple web servers"
Previous message: Roel: "forms authentication across multiple web servers"
In reply to: Roel: "forms authentication across multiple web servers"
Next in thread: Roel: "Re: forms authentication across multiple web servers"
Reply: Roel: "Re: forms authentication across multiple web servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Cookies and web applications
... When the users register ... a cookie is created with an identifier and their ... web applications call on this same cookie with the identifier, ... when a user registers (using the login web ...
(comp.lang.java.help)
forms authentication across multiple web servers
... I want to provide a single sign on for 2 web applications hosted in ... I set the machinekey to the same value in both web.config files (also i set ... The <authentication ... system but it does not login on the other system. ...
(microsoft.public.dotnet.framework.aspnet.security)