single sign on

I am trying to have a single sign on work between different domains (i.e. and

What I have tried to do so far is this.

On, I have a hidden iframe.  Once I log in and am forms authenticated on, I execute this line of code to "auto login" on (of course I would encrypt all data passed back and forth):

hologinframe.Attributes["src"] = "http:/";

The autologin.aspx page does this on pageload:

   FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, "username", DateTime.Now, DateTime.Now.AddMinutes(60), true, "");

        // Get the encrypted version of the ticket
        string strEncrypted = FormsAuthentication.Encrypt(ticket);

        // Put it into a cookie
        HttpCookie hc = new HttpCookie(FormsAuthentication.FormsCookieName, strEncrypted);
        hc.Expires = DateTime.Now.AddHours(12);

        Response.Cookies.Add(hc); // Add it to the cookies collection                                                      

        Response.Redirect(FormsAuthentication.GetRedirectUrl("username", true));

The odd thing that I am finding is that this works on IE, but does not on FF or Chrome.

The only way I could get the autologin to the site working on FF or Chrome is if I set the frame.src in the pageload of the login page of instead of the login_LoggedIn function.

Any help to get this working on in all browsers in the login_LoggedIn function?
Who is Participating?
I think FF and Chrome block cookies which are made inside an (invisible) iframe. The element needs to be visible for the cookie to be created. What we did is that the page on the second host generates an image (this just can be a 1x1pixel image). If you show that somewhere on the page the cookies should be created.
Gary DavisDir Internet SvcsCommented:
Verify your cookies are not being blocked - they may be consicered 3rd-party and depending on browser privacy settings, may be blocked. Use Firebug to view the Http net traffic and cookies sent by the browser.

Usually it is IE that is the problem but apparently not in this case.

Gary Davis
MikeCausiAuthor Commented:
Doesn't seem to be blocking the cookies.

I did test something different, however.  Instead of trying to access the logged_in event of the login control, I tried a regular button click on the website to auto login to the site.  This time it worked.  Something about the login control events is not letting the setting of the frame src work.
This doesn't yet resolve my problem since I want to use the built in login control.
MikeCausiAuthor Commented:
Going to come back to this another time, but your solution seems reasonable.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.