Question

I know there are a lot of posts here about this subject, and I have read most of them, but my web site still does not work correctly.
First, I know that the web.config in every subdomain should have the same authentication and machineKey settings:

<!-- Forms-authentication settings. protection="All" asks for the ticket to be both encrypted and validated;
     domain=".exam.com" scopes the cookie to the parent domain so subdomains receive it. -->
<!-- NOTE(review): requireSSL="false" means the authentication cookie is issued without the Secure flag and
     can travel over plain HTTP. If every site under this domain is served over HTTPS, set it to "true". -->
<authentication mode="Forms">
  <forms loginUrl="reg.aspx" 
         protection="All" 
         timeout="30"
         name=".ASPXFORMSAUTH" 
         path="/" 
         requireSSL="false" 
         domain=".exam.com" 
defaultUrl="reg.aspx" cookieless="UseCookies" enableCrossAppRedirects="true"/>
</authentication>
<!-- I also tested this without the leading dot: domain="exam.com" -->
<!-- The machineKey must be identical in every application that has to read the shared ticket. Anyone who
     holds these keys can forge tickets, so keep the real values out of posts and source control. -->
<!-- NOTE(review): validation="SHA1" is the legacy validation setting; a stronger HMAC option is only usable
     if every participating application supports it. When the applications run on different .NET Framework
     versions, the machineKey compatibilityMode attribute also affects whether one can read the other's
     tickets. Confirm both against the framework versions actually deployed. -->
<machineKey validationKey="C50B....7C529AD3CABE" decryptionKey="8A9...B72F" validation="SHA1"/>  

These settings are in both the subdomain and the main domain. I also put the following code in the global page of subdomain.exam.com, to log the user in from the cookie if they have already logged in:

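/// <summary>
/// Rebuilds the request principal from the forms-authentication cookie, attaching the
/// roles returned by <c>BaseFunctions.GetUserRoles</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments; <c>e.User</c> is set only when a usable ticket is found.</param>
/// <remarks>
/// When the cookie is missing, cannot be decrypted, or carries an expired ticket, the method
/// returns without setting <c>e.User</c>, so the request is not authenticated by this handler.
/// </remarks>
protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
{
    if (!FormsAuthentication.CookiesSupported)
    {
        return;
    }

    var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    try
    {
        FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);

        // Decrypt hands back the ticket without rejecting an expired one, so the expiry
        // has to be checked here before a principal is built from it.
        if (ticket == null || ticket.Expired || string.IsNullOrEmpty(ticket.Name))
        {
            return;
        }

        string username = ticket.Name;

        // Roles are looked up fresh on every request rather than trusted from the cookie.
        string roles = BaseFunctions.GetUserRoles(username);

        e.User = new System.Security.Principal.GenericPrincipal(
            new System.Security.Principal.GenericIdentity(username, "Forms"),
            roles.Split(';'));
    }
    catch (Exception ex)
    {
        // Best effort: leave the request unauthenticated, but record why. A ticket that
        // cannot be decrypted (for example because the issuing and consuming applications
        // do not share compatible machineKey settings) ends up here, and an empty catch
        // hides exactly that symptom. The cookie value itself is never logged.
        System.Diagnostics.Trace.TraceWarning(
            "Forms authentication cookie rejected: {0}: {1}", ex.GetType().Name, ex.Message);
    }
}  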

and this code is in the login page, to write the data to the cookie for each user:

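 /// <summary>
 /// Validates the credentials entered in <c>Login1</c> and, on success, issues the
 /// forms-authentication cookie that the other applications under the domain read.
 /// </summary>
 /// <param name="sender">Event source (unused).</param>
 /// <param name="e">Event arguments (unused).</param>
 protected void Page_Load(object sender, EventArgs e)
{
    if (!Membership.ValidateUser(Login1.UserName, Login1.Password))
    {
        return;
    }

    // Role string carried in the ticket's user-data field.
    // NOTE(review): GetUserRoles as shown on this page returns a single string, so the
    // Join leaves it unchanged; confirm which separator the consumers of userData expect.
    string userData = string.Join("|", GetUserRoles(Login1.UserName));

    // Read the clock once so issue and expiry times are exactly 30 minutes apart.
    DateTime issuedAt = DateTime.Now;

    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1,                                     // ticket version
        Login1.UserName,                       // authenticated username
        issuedAt,                              // issueDate
        issuedAt.AddMinutes(30),               // expiryDate
        true,                                  // ticket is flagged persistent
        userData,                              // additional user data (roles)
        FormsAuthentication.FormsCookiePath);  // the path for the cookie

    // Encrypt the ticket using the machine key.
    string encryptedTicket = FormsAuthentication.Encrypt(ticket);

    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);

    // Keep the ticket out of reach of client-side script.
    cookie.HttpOnly = true;

    // Follow the <forms requireSSL="..."> setting so the Secure flag is applied as soon
    // as the configuration asks for it.
    cookie.Secure = FormsAuthentication.RequireSSL;

    // Take path and domain from the <forms> element instead of a hard-coded literal, so
    // the cookie scope cannot drift away from what the other applications are configured for.
    cookie.Path = FormsAuthentication.FormsCookiePath;
    cookie.Domain = FormsAuthentication.CookieDomain;

    // NOTE(review): no Expires is set, so the browser keeps this as a session cookie even
    // though the ticket is flagged persistent; confirm which of the two is intended.
    Response.Cookies.Add(cookie);

    // No redirect is issued here; the original left its redirect call commented out.
}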
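/// <summary>
/// Looks up the role string stored for a user in the <c>Users</c> table.
/// </summary>
/// <param name="username">User name to look up; passed to the query as a parameter.</param>
/// <returns>
/// The trimmed <c>roles</c> column when exactly one row matches; otherwise <c>"guest"</c>,
/// including when the lookup fails.
/// </returns>
public static string GetUserRoles(string username)
{
    // Nothing to look up; same result the query path would reach, without a database call.
    if (string.IsNullOrEmpty(username))
    {
        return "guest";
    }

    try
    {
        // NOTE(review): index 0 selects whichever connection string is listed first, which
        // may be an inherited machine-level default rather than this application's own
        // entry. Confirm, or look the entry up by name.
        using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings[0].ConnectionString))
        using (SqlCommand cmd = con.CreateCommand())
        {
            cmd.CommandType = CommandType.Text;

            // The user name is bound as a parameter, never concatenated into the SQL text.
            cmd.CommandText = "select roles from Users where username = @uname";
            cmd.Parameters.Add(new SqlParameter("@uname", username));

            DataTable result = new DataTable();
            using (SqlDataAdapter da = new SqlDataAdapter(cmd))
            {
                da.Fill(result);
            }

            // Only an unambiguous single match yields roles.
            if (result.Rows.Count == 1)
            {
                return result.Rows[0]["roles"].ToString().Trim();
            }
        }
    }
    catch (Exception ex)
    {
        // Fall back to the guest role on failure, but leave a trace so that a broken
        // connection string or query does not silently demote every user.
        System.Diagnostics.Trace.TraceError(
            "GetUserRoles lookup failed: {0}: {1}", ex.GetType().Name, ex.Message);
    }

    // No single matching user (or the lookup failed): treat the caller as a guest.
    return "guest";
}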

But it does not work! What should I do now? What is the problem?


Solution 2

I found my answer. The cause is simply the different framework versions: one of my subdomains runs on .NET 3.5 and the other (and the base domain) on .NET 4.5. This is the main reason why I could not authenticate in the subdomain. Thanks to everyone for helping me.
Note: single sign-on only works on the same framework :)

OTHER TIPS

I'm fairly sure it must be cookie.Domain = ".exam.com";, with the dot in front, for the cookie to be shareable across subdomains.

Licensed under: CC-BY-SA with attribution