Re: forms authentication across multiple web servers

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 11/24/05


Date: Thu, 24 Nov 2005 08:43:12 -0800

Hello Roel,

This only works if the servers are in a contiguous domain namespace... sorry.
You are out of luck here.

ASP.NET 2.0 supports cookieless forms authentication. Your scenario would
work there.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hi Dominick,
>
> Thanks for your answer.
>
> The domain names differ completely:
>
> Server 1 = dev.xxx.biz
> Server 2 = devnet.yyy.be
> I will check the domain attribute.
> Should I set domain= .yyy.be in the web.config of server 2 and xxx.biz in
> the web.config of server 1?
> Roel
>
> "Dominick Baier [DevelopMentor]"
> <dbaier@pleasepleasenospamdevelop.com> wrote in message
> news:4580be6314c8ee8c7bf30365b41a8@news.microsoft.com...
>
>> Hello Roel,
>>
>> What are the names of the machines from a client (=IE) perspective...
>>
>> An RFC-compliant browser does not send a cookie from
>> serverA.domain.com to serverB.domain.com - you have to adjust the
>> domain attribute in the <forms> configuration to ".domain.com" -
>> this means IE sends the cookie to all servers under the "domain.com"
>> namespace.
>>
>> Though I am not sure if this is already there in 1.1 - otherwise
>> issue the cookie manually and set the .Domain property.
>>
>> ---------------------------------------
>> Dominick Baier - DevelopMentor
>> http://www.leastprivilege.com
>>> Hi,
>>>
>>> I want to provide a single sign on for 2 web applications hosted in
>>> different environments.
>>> I set the machinekey to the same value in both web.config files
>>> (also I set them to the same value in the machine.config files). The
>>> <authentication mode="Forms" > section is exactly the same in both
>>> applications:
>>> <authentication mode="Forms" >
>>>   <forms name=".EuphAc" loginUrl="Main/loginForm.aspx"
>>>          protection="All" timeout="60" />
>>> </authentication>
>>> The only time this works is if I do it on the same physical machine:
>>> 2 web applications sharing the same machinekey in web.config section
>>> and <authentication mode="Forms" > section.
>>> If I try the same moving application 2 to another server (including
>>> the web.config file which stays the same), or to localhost, I can
>>> log in on one system but it does not log in on the other system.
>>>
>>> (Strange thing was it sometimes seemed(!) that it worked but after 1
>>> second it redirected me back to the login page.)
>>>
>>> I hope I'm somewhat clear.....
>>>
>>> What am I doing wrong ?
>>>
>>> Any help much appreciated!
>>>
>>> Roel
>>>
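
The cookie scoping discussed in this thread, as an added example that is not part of the original posts: a JavaScript model of how a browser following the RFC 6265 domain-matching rules handles the Domain attribute. The function names are made up for illustration, and the host names are the ones quoted in the thread.

```javascript
// Added illustration: cookie Domain scoping per RFC 6265 (sections 5.1.3, 5.3).
// Host names are the ones from the thread; public-suffix checks are not modelled.
const IPV4 = /^\d{1,3}(\.\d{1,3}){3}$/;

// RFC 6265 5.1.3: host domain-matches `domain` if identical, or if `domain`
// is a suffix of host preceded by "." and host is not an IP address.
function domainMatch(host, domain) {
  host = host.toLowerCase();
  domain = domain.toLowerCase();
  if (host === domain) return true;
  return !IPV4.test(host) && !host.includes(":") && host.endsWith("." + domain);
}

// Browser side of Set-Cookie: returns the stored cookie scope, or null when
// the cookie is rejected because the issuing host is outside the Domain.
function storeCookie(issuingHost, domainAttr) {
  if (!domainAttr) return { domain: issuingHost.toLowerCase(), hostOnly: true };
  const domain = domainAttr.replace(/^\./, "").toLowerCase(); // leading dot ignored
  if (!domainMatch(issuingHost, domain)) return null;
  return { domain, hostOnly: false };
}

// Would the browser attach the stored cookie to a request for `requestHost`?
function isSentTo(cookie, requestHost) {
  if (cookie === null) return false;
  return cookie.hostOnly
    ? requestHost.toLowerCase() === cookie.domain
    : domainMatch(requestHost, cookie.domain);
}

// Scenarios from the thread: [issuing host, Domain attribute, second server].
function threadScenarios() {
  const cases = [
    ["serverA.domain.com", "", "serverB.domain.com"],            // no domain set: host-only
    ["serverA.domain.com", ".domain.com", "serverB.domain.com"], // shared parent domain
    ["dev.xxx.biz", "xxx.biz", "devnet.yyy.be"],                 // own domain on server 1
    ["dev.xxx.biz", ".yyy.be", "devnet.yyy.be"],                 // foreign Domain: rejected
  ];
  return cases.map(([issuer, attr, other]) => ({
    issuer, attr, other, sent: isSentTo(storeCookie(issuer, attr), other),
  }));
}

console.table(threadScenarios());
```

Only the second scenario delivers the ticket cookie to the other server, so a shared machinekey alone does not give single sign-on across dev.xxx.biz and devnet.yyy.be.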


