Monday, January 17, 2011

Configuring forms authentication across ASP.NET applications

To enable forms authentication across multiple ASP.NET applications, you have to set up forms authentication with the same name, protection and path in all the ASP.NET applications that will be collaborating.

The following is an example of the configuration\system.web\authentication node in the web.config of each asp.net application.

<authentication mode="Forms">
      <forms loginUrl="login.aspx"
        name=".ASPXFORMSAUTH" protection="All"
        path="/" timeout="30" />
</authentication>



Moreover, you will have to modify the machineKey element in the web.config (under the section configuration\system.web) of each application and remove the IsolateApps modifier that is declared in the default machine.config.




If your applications are located on the same server or farm, then you may leave validationKey="AutoGenerate" and decryptionKey="AutoGenerate". Otherwise, you will have to specify a common validationKey and decryptionKey that will be shared among the ASP.NET applications. This way, every ASP.NET application will be able to validate the authentication cookie set during the authentication process.
One final thing to keep in mind is that you’ll have to set up the same membership provider on all your ASP.NET applications in order to have access to the same users.
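
The machineKey settings described above, written out as an added example that is not part of the original post. The two key values in the last variant are placeholders, not real keys.

```xml
<!-- Default declared in machine.config: the IsolateApps modifier makes
     ASP.NET derive a different key for each application, so one
     application cannot validate a cookie issued by another. -->
<machineKey validationKey="AutoGenerate,IsolateApps"
            decryptionKey="AutoGenerate,IsolateApps" />

<!-- web.config of every collaborating application when the keys are
     left auto-generated: IsolateApps removed. -->
<system.web>
  <machineKey validationKey="AutoGenerate"
              decryptionKey="AutoGenerate" />
</system.web>

<!-- web.config of every collaborating application when explicit keys
     are shared. Both values are placeholders: generate random hex keys
     once and paste the same pair into each application. If the
     validation or decryption algorithm attributes are set, they must
     match in every application as well. Anyone who holds these keys can
     produce a valid authentication cookie, so restrict read access to
     the web.config files that contain them. -->
<system.web>
  <machineKey validationKey="PLACEHOLDER_SHARED_VALIDATION_KEY_HEX"
              decryptionKey="PLACEHOLDER_SHARED_DECRYPTION_KEY_HEX" />
</system.web>
```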





There is a very good MSDN article named “Configuring Forms Authentication Across Applications” where you can see a full config example.
