Membership Provider for Mult apps

[GaryDean]

I have serveral applications now running that are using the
MembershipProvider classes and they are each using their own security tables
in SQL Server 2005 instead of the express databases - they are all work
well.

Now we have a need to have many different asp.net websites and web services
use a single security database because they all share the same user and
administrator community. It doesn't seem there will be a problem with all
of them accessing the same security tables. I am wondering, however, if I
will run into any issues with Authentication. We want to authentication to
work separately for the different websites - getting authenticated on one
website should not cause authentication on others. I don't know what gets
stored in the database regarding authentication.

Could there be issues with authentication in this environment? Is anyone
controlling many websites with a single MembershipProvider DB?

 

[Steven Cheng[MSFT]]

Hi Gary,

From your description, you're now using a shared central sql database for
multiple ASP.NET web applications(as the membershp .. service's storage).
And you're wondering whether it will cause the authentifcation in all those
application get messed, correct?

As for the ASP.NET application's membership authentication, though you can
share the membership user/account info among multiple applications(by using
the same provider and same backend database), the actual authentication is
relying on the authentication cookie generated by each application. Thus,
by default each application will generate their own authentication cookie
and user authenticated in one application won't be able to get
recognized(as authenticated) in another application.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.




--------------------

 

[GaryDean]

Yes, that sounds right. And, if we want to share authentication between any
apps we would use the identical Machine Key entries in each web config.
This makes me wonder if somehow the "multi-authentication" capability
provided by indentical Machikne Keys could somehow be accomplished
dynamically at run time. i.e. we will authenticate this user for apps one
and three but the other user only gets authenticated for app one. ??

 

[Steven Cheng[MSFT]]

Thanks for your reply Gary,

Yes, you're right. Setting machinekey is the way to make multiple ASP.NET
application to share forms authentication ticiket(cookie). And I can ensure
you that the dynamically generated cookie won't mixed up(unless you've
manually set fixed machinekey for all the applications), this is because
the default "autogenerated" key is based on machine setting(that's
statistical unique). Also, to make multiple applications share
authentication, they need to be under the same main domain address, so this
is also a limitation, and that's not a easy thing

Please feel free to post here if there is anything else you wonder.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.



--------------------

From: "GaryDean" <[email protected]>
References: <Op#[email protected]>

Subject: Re: Membership Provider for Mult apps
Date: Fri, 12 Oct 2007 11:03:02 -0700