Forms authentication across sub domains.

[Mr.Magic]

I have a domain with two subdomains. fred.abc.com and julia.abc.com. Both of
them have forms authentication. I would like to be able to have a link on
julia point to a file on fred and when the user clicks on it it won't ask
them to log in again. (They've already logged in under Julia) Is this
possible?

TIA - Jeff.

 

[Gregory A. Beamer]

I have a domain with two subdomains. fred.abc.com and julia.abc.com.
Both of them have forms authentication. I would like to be able to
have a link on julia point to a file on fred and when the user clicks
on it it won't ask them to log in again. (They've already logged in
under Julia) Is this possible?

If you are using stuff stored in session, it requires some persistant store
(or at least I have found no other way). But, if you are merely looking for
single sign on to a single domain ...

1. Set the machine keys to the same value. You can google and find pages
that generate machine keys

2. Set the authentication cookie name to the same thing. This is done by
changing the name under authentication.

Both of the above are in web.config. I will have to check and see if I have
missed a step with session state, but we used this basic idea years ago for
single sign on, so I know it will work for the basic authentication piece.

NOTE: If you are using the default login stuff, you will have to set both
sites to the same application name in the membership portion. If a person
is going to log in differently, depending on site, you will have to go to a
custom membership provider to handle the fact that you are logging into one
of two "applications" in the membership database.

 

[Mr.Magic]

I'm apparently still doing something wrong.

In my two web.config files I have the following lines (I have actual values
for the validationKey and decryptionKey I just removed them here to make the
code easier to read):

<machineKey validationKey="XXXX" decryptionKey="XXXXX" validation="SHA1"
decryption="3DES" />
<authentication mode="Forms">
<forms name=".ECSAuth" loginUrl="Login.aspx" protection="All" path="/"
timeout="720" domain="themarlincompany.com" enableCrossAppRedirects="true"
/>
</authentication>

I have copied and pasted from one file to the other so I know they are the
same.

When I put link in julia.themarlincompany.com that points to
fred.themarlincompany.com/sdoc/a.pdf which is my secure area, I get my login
page. But they already logged in to Julia.

Any thoughts would be appreciated.

J.

 

[Mr.Magic]

Also want to point out that there is no authentication on
www.themarlincompany.com.

Don't know if that makes any difference.

 

[Gregory A. Beamer]

I'm apparently still doing something wrong.

In my two web.config files I have the following lines (I have actual
values for the validationKey and decryptionKey I just removed them
here to make the code easier to read):

<machineKey validationKey="XXXX" decryptionKey="XXXXX"
validation="SHA1"
decryption="3DES" />
<authentication mode="Forms">
<forms name=".ECSAuth" loginUrl="Login.aspx" protection="All"
path="/"
timeout="720" domain="themarlincompany.com"
enableCrossAppRedirects="true" />
</authentication>

Try dropping the domain="" portion and see what happens. I don't remember
setting that on the time we did the single sign on.