Single Sign-In Forms Authentication not working across applications. Authentication cookie is not persisted!

Posted on 2009-04-20
Last Modified: 2013-11-08

I have several applications (main admin with login page, several sub applications) that use a common, single sign-in page.
I have followed all .NET documentation and setup my web.config with the same settings forms authentication settings as well as a common machineKey (see config code below).

The authentication cookie is definitely created for the root application.
It is not persisted when traversing to another application.

As mentioned, all settings in the config are identical across each application.
I have copied and pasted several times over to ensure this is correct and can be discounted.

I must be missing an important step or misconfigured the config (see below).

Are the machine key settings correct? How does the application know that the machine key is encrypted etc and how to decrypt?

Any help on this would be great.

Thanks for your time.



		<!-- Authentication -->

		<authentication mode="Forms">


			<!-- TODO: Ensure 'requiresSSL=true' and '' when deployed -->

			<forms name="1ab778d0-22ea-4096-ada7-a932fd00eac3"









				   timeout="30" />






		<!-- Validation, decryption keys and validation algorith must be the same (single sign-in) -->




			validation="SHA1" />



Open in new window

Question by:smacca
    LVL 83

    Accepted Solution

    LVL 83

    Expert Comment

    Are you still around?

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…
    Many of us here at EE write code. Many of us write exceptional code; just as many of us write exception-prone code. As we all should know, exceptions are a mechanism for handling errors which are typically out of our control. From database errors, t…
    This video discusses moving either the default database or any database to a new volume.
    Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now