• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 577
  • Last Modified:

Single Sign-In Forms Authentication not working across applications. Authentication cookie is not persisted!

Hi,

I have several applications (main admin with login page, several sub applications) that use a common, single sign-in page.
I have followed all .NET documentation and setup my web.config with the same settings forms authentication settings as well as a common machineKey (see config code below).

The authentication cookie is definitely created for the root application.
It is not persisted when traversing to another application.

As mentioned, all settings in the config are identical across each application.
I have copied and pasted several times over to ensure this is correct and can be discounted.

I must be missing an important step or misconfigured the config (see below).

Are the machine key settings correct? How does the application know that the machine key is encrypted etc and how to decrypt?

Any help on this would be great.

Thanks for your time.
Steve.
<system.web>
		
		
		<!-- Authentication -->
		<authentication mode="Forms">
 
			<!-- TODO: Ensure 'requiresSSL=true' and 'domain=xxxx.com' when deployed -->
			<forms name="1ab778d0-22ea-4096-ada7-a932fd00eac3"
				   domain="http://localhost/myclubz"
				   path="/myclubz/myclubz.web.admin/"
				   loginUrl="/myclubz/myclubz.web.admin/login.aspx" 
				   defaultUrl="/myclubz/myclubz.web.admin/default.aspx"
				   enableCrossAppRedirects="true"
				   requireSSL="false" 
				   protection="All"
				   slidingExpiration="true" 
				   timeout="30" />
 
		</authentication>
 
 
 
		<!-- Validation, decryption keys and validation algorith must be the same (single sign-in) -->
		<machineKey
			validationKey="0C19A5B00A647F4C3D7BF76743BAA81431E945431D90952585AACD567A9A3748B43C0BBC4F8C331BAE7875CA35C2D49C79E7CEF54765249A9907CCCC668FC9FF"
			decryptionKey="204CDB42A956C82A0D432D23D6ACEC46BA510F179C291261"
			validation="SHA1" />
		
	</system.web>

Open in new window

0
smacca
Asked:
smacca
  • 2
1 Solution
 
CodeCruiserCommented:
Are you still around?
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now