Forms Authentication across Sub-Domains
You can set the cookie to be the parent domain at authentication time but you have to explicitly set it, it will default to the full domain that you are on.
Once the auth cookie is correctly set to the parent domain, then all sub-domains should be able to read it.
asp.net Form Authentication across sub domains
I got this Forms Authentication ReturnUrl and subdomain for single sign-on
, That solved my problem.
I am not sure if that is the best way to do it, though.
Forms Authentication across Sub-Domains on local IIS
localhost.users
and localhost.host
is cross domain. Cookies cannot be shared cross domain.
You could configure it like this so that the sub-domain differs but the root domain stays the same:
users.localhost
host.localhost
Now set the cookie domain in your web.config to localhost
:
domain=".localhost"
and in your c:\Windows\System32\drivers\etc\hosts
file add the following 2 entries:
127.0.0.1 users.localhost
127.0.0.1 host.localhost
Now you will be able to successfully share the authentication cookie between users.localhost
and host.localhost
.
Ah, and don't forget to put a step in your automated build process that will transform your web.config value to the correct root domain before shipping in production.
Asp.Net Forms Authentication with Subdomains
So I figured out what was wrong. When logging in (and setting the cookie), I was sending a post request to a different domain than the one I was currently on (profile.teknik.io/Login). This for some reason was not setting the proper cookie, so no auth was occurring. Once I moved the login to the parent domain, the auth works correctly across subdomains.
Update 1
The real issue was the ajax request for logging in. It did not have CORS enabled, so once I did that, and added the appropriate allow headers, the request would work and the cookies would be saved correctly.
Forms Authentication Shared Across Websites
This is what is wrong.
Also, I do not specify the domain attribute of the authentication
element. It says it's optional, and that the default value will be "".
You should set the domain attribute in the forms element like this(not sure about the dot indicating a subdomain).
<forms domain=".mydomain.com" loginUrl="member_login.aspx" cookieless="UseCookies" />
The CookieDomain property value is set in the configuration file for an ASP.NET application by using the domain attribute of the forms configuration element. The CookieDomain property value determines the Domain that the cookie will be used for.
The documentation from your link states that
You can omit the domain attribute of the forms tag if there is only
one Web site on the server.
Which in your case, it is not.
ASP.NET MVC - cross sub domain authentication/membership
Try creating the cookie yourself.
In AccountController you'll find this:
FormsAuthentication.SetAuthCookie(userName, createPersistentCookie);
that "creates and adds to the cookie collection". It doesn't allow modification of the domain (but does allow modification of the path, oddly). Instead create a cookie without adding to the collection, modify the necessary properties, then add to the collection:
var a = FormsAuthentication.GetAuthCookie(userName, createPersistentCookie);
//if you're debugging right here, a.Domain should be en.example.com; change it
a.Domain = "example.com";
HttpContext.Current.Response.Cookies.Add(a);
James
Related Topics
How to Reference Generic Classes and Methods in Xml Documentation
Invalid Attempt to Read When No Data Is Present
Clipboard.Gettext Returns Null (Empty String)
Is String.Contains() Faster Than String.Indexof()
Dotnet Core System.Text.JSON Unescape Unicode String
Xml.Loaddata - Data at the Root Level Is Invalid. Line 1, Position 1
A Simple C# Dll - How to Call It from Excel, Access, Vba, Vb6
How to Format a Number into a String with Leading Zeros
Add Items to Columns in a Wpf Listview
How to Build a Datatemplate in C# Code
Why Should I Use Int Instead of a Byte or Short in C#
Wpf: Binding a Contextmenu to an Mvvm Command
Merge Two (Or More) Lists into One, in C# .Net