Question

I have two websites, domain1.com and domain2.com. On domain1.com I have a generic handler that will write a response which tells whether or not the user is authenticated, using:

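// Build a small JSON body reporting whether the current request is authenticated.
string json = "{\"status\":\"" + HttpContext.Current.User.Identity.IsAuthenticated + "\"}";
// Write it out through the current request's response object.
HttpContext.Current.Response.Clear();
HttpContext.Current.Response.ContentType = "application/jsonp";
HttpContext.Current.Response.Write(json);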

Now if I view the generic handler using my browser, everything works fine: if the user is logged in it will return "status":"true", otherwise "status":"false".

The problem starts when I send a request from domain2.com to this generic handler using $.get(): the result will always be "status":"false" regardless of whether or not the user is logged in. Is this because there is some kind of cross-domain violation? I really don't understand this, please help me, thank you.

Solution

When you use ASP.NET Forms Authentication, an ASPXAUTH cookie is created for that domain.

Cookies are sent with each request so ASP.NET will look for the ASPXAUTH cookie (which doesn't exist in domain2.com) and determine that the user is not authenticated.

You might have to look into a cross domain SSO solution that fits your needs. Have a look here: http://www.codeproject.com/Articles/106439/Single-Sign-On-SSO-for-cross-domain-ASP-NET-applic
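
The following JavaScript is an added example, not part of the original question or answer: it models the browser rules that decide whether the domain1.com auth cookie accompanies a cross-origin XHR from domain2.com and whether the calling script may read the reply, next to a handler-side origin allowlist. It assumes current CORS and SameSite behaviour and ignores third-party-cookie blocking; all function names, the https:// origins and the sample cookies are constructed for illustration.

```javascript
// Constructed model of the browser rules that apply when a page on one origin
// calls the auth-status handler on another. All names here are hypothetical.

// Handler side: CORS headers to emit for a given Origin request header.
// Only exact, allowlisted origins get a credentialed grant (never "*").
function corsHeadersFor(requestOrigin, allowedOrigins) {
  if (!allowedOrigins.includes(requestOrigin)) return {};
  return {
    "Access-Control-Allow-Origin": requestOrigin,
    "Access-Control-Allow-Credentials": "true",
    "Vary": "Origin",
  };
}

// Browser side: is the auth cookie attached to the request?
function cookieAttached(req, cookie) {
  if (req.pageOrigin === req.targetOrigin) return true;
  if (!req.withCredentials) return false; // default for cross-origin XHR / $.get
  return cookie.sameSite === "None" && cookie.secure === true; // cross-site opt-in
}

// Browser side: may the calling script read the response?
function responseReadable(req, headers) {
  if (req.pageOrigin === req.targetOrigin) return true;
  const acao = headers["Access-Control-Allow-Origin"];
  if (req.withCredentials) {
    return acao === req.pageOrigin &&
           headers["Access-Control-Allow-Credentials"] === "true";
  }
  return acao === "*" || acao === req.pageOrigin;
}

// What the script observes for a user who IS logged in on the target site:
// "true", "false" (cookie never reached the handler) or "blocked" (CORS).
function observedStatus(req, cookie, headers) {
  if (!responseReadable(req, headers)) return "blocked";
  return cookieAttached(req, cookie) ? "true" : "false";
}

// Constructed sample values.
const HANDLER = "https://domain1.com";
const CALLER = "https://domain2.com";
const ALLOWED = [CALLER];
const fromCaller = (withCredentials) =>
  ({ pageOrigin: CALLER, targetOrigin: HANDLER, withCredentials });
console.log(observedStatus(fromCaller(false), { sameSite: "None", secure: true },
                           { "Access-Control-Allow-Origin": "*" }));
```

In the model, a logged-in user is reported as authenticated to domain2.com only when the request is credentialed, the cookie is `SameSite=None; Secure`, and the handler echoes an allowlisted origin; the handler-side check would be ported to the ASP.NET handler itself.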

Licensed under: CC-BY-SA with attribution