I found my answer. This is just the different framework. One of my subdomains is in .NET 3.5 and the other (and the base domain) is in .NET 4.5. This is the main reason why I cannot authenticate in the subdomain. Thanks to all for helping me.
Note: single sign-on just works for the same framework :)
single login with authentication in subdomain
27-09-2022
Question
I know that there are a lot of posts here about this subject, but I read most of them and my web site does not work correctly.
At first, I know my web.config in all subdomains should have the same authentication and machine key:
<authentication mode="Forms">
    <forms loginUrl="reg.aspx"
           protection="All"
           timeout="30"
           name=".ASPXFORMSAUTH"
           path="/"
           requireSSL="false"
           domain=".exam.com"
           defaultUrl="reg.aspx" cookieless="UseCookies" enableCrossAppRedirects="true"/>
</authentication>
<!-- I also tested this without the leading dot: domain="exam.com" -->
<machineKey validationKey="C50B....7C529AD3CABE" decryptionKey="8A9...B72F" validation="SHA1"/>
This code is in both the subdomain and the main domain. And I put this code in subdomain.exam.com, in the global page, to log in from cookies if the user logged in before:
protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
{
    if (FormsAuthentication.CookiesSupported == true)
    {
        if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
        {
            try
            {
                // let us take out the username now
                string username = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value).Name;
                // let us extract the roles for this user
                string roles = BaseFunctions.GetUserRoles(username);
                // let us set the Principal with our user-specific details
                e.User = new System.Security.Principal.GenericPrincipal(new System.Security.Principal.GenericIdentity(username, "Forms"), roles.Split(';'));
            }
            catch (Exception)
            {
                // something went wrong
            }
        }
    }
}
And this code is for the login page, to write data to cookies for each user:
protected void Page_Load(object sender, EventArgs e)
{
    if (Membership.ValidateUser(Login1.UserName, Login1.Password))
    {
        // sometimes used to persist user roles
        string userData = string.Join("|", GetUserRoles(Login1.UserName));
        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1,                                     // ticket version
            Login1.UserName,                       // authenticated username
            DateTime.Now,                          // issueDate
            DateTime.Now.AddMinutes(30),           // expiryDate
            true,                                  // true to persist across browser sessions
            userData,                              // can be used to store additional user data
            FormsAuthentication.FormsCookiePath);  // the path for the cookie
        // Encrypt the ticket using the machine key
        string encryptedTicket = FormsAuthentication.Encrypt(ticket);
        // Add the cookie to the response to save it
        HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
        //cookie.HttpOnly = true;
        cookie.Domain = "exam.com"; // I also used cookie.Domain = ".exam.com";
        Response.Cookies.Add(cookie);
        // Your redirect logic
        //Response.Redirect(FormsAuthentication.GetRedirectUrl(Login1.UserName, true));
    }
}

public static string GetUserRoles(string username)
{
    DataTable result = null;
    try
    {
        using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings[0].ConnectionString))
        {
            using (SqlCommand cmd = con.CreateCommand())
            {
                cmd.CommandType = CommandType.Text;
                cmd.CommandText = "select roles from Users where username = @uname";
                cmd.Parameters.Add(new SqlParameter("@uname", username));
                using (SqlDataAdapter da = new SqlDataAdapter(cmd))
                {
                    result = new DataTable();
                    da.Fill(result);
                }
                if (result.Rows.Count == 1)
                {
                    return result.Rows[0]["roles"].ToString().Trim();
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Pokemon exception handling
    }
    // user id not found, let's treat him as a guest
    return "guest";
}
But it does not work! What should I do now? What is the problem?
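An added example (not code from the original post): a variant of the question's FormsAuthentication_OnAuthenticate handler that records why a ticket was rejected instead of swallowing the exception, so a cookie that reaches the subdomain but cannot be decrypted or validated there becomes visible in the trace output. It assumes the roles are read from the ticket's UserData as a ';'-separated string, and the class name Global is illustrative.

```csharp
using System;
using System.Diagnostics;
using System.Security.Principal;
using System.Web;
using System.Web.Security;

public class Global : HttpApplication
{
    // Wired by ASP.NET to the FormsAuthentication module's Authenticate event.
    protected void FormsAuthentication_OnAuthenticate(object sender, FormsAuthenticationEventArgs e)
    {
        HttpCookie cookie = e.Context.Request.Cookies[FormsAuthentication.FormsCookieName];
        if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            return; // no ticket presented: the request stays anonymous

        FormsAuthenticationTicket ticket = null;
        try
        {
            ticket = FormsAuthentication.Decrypt(cookie.Value);
        }
        catch (Exception ex)
        {
            // Decryption or validation failed. Log the reason and the host,
            // never the cookie value itself (it is a bearer credential).
            Trace.TraceWarning("Forms ticket rejected on {0}: {1}: {2}",
                e.Context.Request.Url.Host, ex.GetType().Name, ex.Message);
        }

        if (ticket == null || ticket.Expired)
        {
            if (ticket != null)
                Trace.TraceInformation("Expired forms ticket for {0}", ticket.Name);
            return; // fail closed: continue unauthenticated
        }

        // Assumption: UserData holds the ';'-separated roles written at login.
        string[] roles = (ticket.UserData ?? string.Empty)
            .Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
        e.User = new GenericPrincipal(new FormsIdentity(ticket), roles);
    }
}
```

The warnings go to whichever trace listeners are configured under system.diagnostics in web.config.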
OTHER TIPS
I'm fairly sure it must be cookie.Domain = ".exam.com";, with the dot in front, for the cookie to be shareable across subdomains.
Licensed under: CC-BY-SA with attribution