Single Sign-In Forms Authentication not working across applications. Authentication cookie is not persisted!
Hi,
I have several applications (main admin with login page, several sub applications) that use a common, single sign-in page.
I have followed all .NET documentation and setup my web.config with the same settings forms authentication settings as well as a common machineKey (see config code below).
The authentication cookie is definitely created for the root application.
It is not persisted when traversing to another application.
As mentioned, all settings in the config are identical across each application.
I have copied and pasted several times over to ensure this is correct and can be discounted.
I must be missing an important step or misconfigured the config (see below).
Are the machine key settings correct? How does the application know that the machine key is encrypted etc and how to decrypt?
Any help on this would be great.
Thanks for your time.
Steve.
I have several applications (main admin with login page, several sub applications) that use a common, single sign-in page.
I have followed all .NET documentation and setup my web.config with the same settings forms authentication settings as well as a common machineKey (see config code below).
The authentication cookie is definitely created for the root application.
It is not persisted when traversing to another application.
As mentioned, all settings in the config are identical across each application.
I have copied and pasted several times over to ensure this is correct and can be discounted.
I must be missing an important step or misconfigured the config (see below).
Are the machine key settings correct? How does the application know that the machine key is encrypted etc and how to decrypt?
Any help on this would be great.
Thanks for your time.
Steve.
<system.web>
<!-- Authentication -->
<authentication mode="Forms">
<!-- TODO: Ensure 'requiresSSL=true' and 'domain=xxxx.com' when deployed -->
<forms name="1ab778d0-22ea-4096-ada7-a932fd00eac3"
domain="http://localhost/myclubz"
path="/myclubz/myclubz.web.admin/"
loginUrl="/myclubz/myclubz.web.admin/login.aspx"
defaultUrl="/myclubz/myclubz.web.admin/default.aspx"
enableCrossAppRedirects="true"
requireSSL="false"
protection="All"
slidingExpiration="true"
timeout="30" />
</authentication>
<!-- Validation, decryption keys and validation algorith must be the same (single sign-in) -->
<machineKey
validationKey="0C19A5B00A647F4C3D7BF76743BAA81431E945431D90952585AACD567A9A3748B43C0BBC4F8C331BAE7875CA35C2D49C79E7CEF54765249A9907CCCC668FC9FF"
decryptionKey="204CDB42A956C82A0D432D23D6ACEC46BA510F179C291261"
validation="SHA1" />
</system.web>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Nasir Razzaq
Are you still around?