LockDev
asked on
ASP.NET Membership - One Login Multiple Domains
I have one .NET application which runs multiple websites - each on a different domain. (each website shows different products, but is controlled by the same application) If a user logs in to the website on one domain how can I set up that they will be logged in on all of the domains?
David Johnson, CD
use the same aspdb database
Hi LockDev,
Did this the other day on my local dev server, it's definitely doable...
You need one sql database catalog that has the aspnet_membership objects installed.
Two or more sites with a valid connection string defined in their respective web.config files, for connecting to the SQL database catalog.
The web.config in the two or more sites need to intialise the membership provider and roles provider.
More info:
asp.net login.aspx DefaultMembershipProvider to query an sql table for users?
Using the same membership for multiple websites in asp.net
Alan
Did this the other day on my local dev server, it's definitely doable...
You need one sql database catalog that has the aspnet_membership objects installed.
Two or more sites with a valid connection string defined in their respective web.config files, for connecting to the SQL database catalog.
The web.config in the two or more sites need to intialise the membership provider and roles provider.
More info:
asp.net login.aspx DefaultMembershipProvider to query an sql table for users?
Using the same membership for multiple websites in asp.net
Alan
ASKER
I use the same aspdb database. On localhost once I am log into one website, I am logged into all webseites. However, on the live server, if I am logged into one website which is on domainA.com, I am not logged into domainB.com.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Alan,
Thank you for your help. Will a session work between domains? Also, if a user closes their browser, then they would lose the session?
Thank you for your help. Will a session work between domains? Also, if a user closes their browser, then they would lose the session?
Hi LockDev,
Session will work for the current user between domains, using the same browser.
No guarantee to destroy session on closing the browser, cookie.expires determines the persistence of session. Easy enough to test, login using a browser, possibly good plan to test the big 3 browsers (IE,FF & GC); after logging in, kill the browser, then open the browser again, navigate to the site again, if you are still logged in, you have your answer; fairly sure you will be still logged in. All bets are off if you have opted for the browser to remember your login credentials, in which case you will definitely be logged in.
Alan
Session will work for the current user between domains, using the same browser.
No guarantee to destroy session on closing the browser, cookie.expires determines the persistence of session. Easy enough to test, login using a browser, possibly good plan to test the big 3 browsers (IE,FF & GC); after logging in, kill the browser, then open the browser again, navigate to the site again, if you are still logged in, you have your answer; fairly sure you will be still logged in. All bets are off if you have opted for the browser to remember your login credentials, in which case you will definitely be logged in.
Alan
ASKER
I would like to revisit this issue. I was thinking about another possibilty. Is it possible to use the DotNetOpenAuth library where our main website is an OpenID provider and all the other websites are OpenID users.
Thank you.
Thank you.