Re: using a shared session

From: bruce barker (nospam_brubar_at_safeco.com)
Date: 01/03/05 

Date: Mon, 3 Jan 2005 08:57:00 -0800

you will need to do a ticket system. you can link because a cookie can not
be shared between domains, you will have to pass the ticket to site. this
means you can link between sites without requiring a new login, but if the
users hit the site directly, they will be prompted for a login.

you can use a common webservice (like ms passport) to handle the comon login
verfication and ticket.

-- bruce (sqlwork.com)

"masoud bayan" <masoud_bayan@hotmail.com> wrote in message
news:uXks6la8EHA.1264@TK2MSFTNGP12.phx.gbl...
| Hi,
|
|
|
| We have 3 different web applications on three different websites (and
| domains). Now we want to make it possible for users to login in each of
| these applications and can navigate to other applications without
| authenticating. So generally we need to have a shared session across
| applications (a single sign-on).
|
| Whenever a user logins in each application a session identifier is created
| and is saved in the cookie for that session.
|
| 1. Is there any chance to create cookies for other applications
| (websites) at the same time (login time in one of the apps)? So when user
| navigates to other sites, other server can read the session information
from
| cookie?
|
| 2. Is there any other approach that we can use to have single sign-on
| capability through our sites?
|
|
|
| Any advice is appreciated.
|
|
|
| Thanks
|
| Masoud
|
|
|
|
|
|
|
|

Relevant Pages

  • Re: Cookies Expiring due to different time zones.
    ... post to your aspx login, sending the cookie's date in a hidden field ... set the aspx login cookie using the date/time in the hidden field ... This is the code I am using to create the ticket, ... Your problem is that you're using an extremely short time for the cookie expiration. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Cookies Expiring due to different time zones.
    ... cookie is setting time according to my server. ... just not able to login. ... perfectly fine on my PC and many other PCs which have correct time. ... This is the code I am using to create the ticket, ...
    (microsoft.public.dotnet.framework.aspnet)
  • Forms Authentication Roles based
    ... I am creating an application which has 3 roleswith login ... FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( ... // "true" for a persistent user cookie ... string hash = FormsAuthentication.Encrypt; ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • cookie value being garbled.
    ... Each request to the site refreshes the ticket (stored in a cookie). ... together then the next request after the login OK page receives ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Forms Authentication Name property
    ... number of web applications within it that all use the same authentication ... Then folks can login once for all the applications. ... use a forms authentication cookie named "mysite". ... The BROWSER chooses ...
    (microsoft.public.dotnet.framework.aspnet.security)