Re: Forms Authentication - context changing

From: Paul Glavich [MVP ASP.NET] (glav_at_aspalliane.com-NOSPAM)
Date: 02/10/05 

Date: Thu, 10 Feb 2005 22:45:39 +1100

I am not entirely sure that I have read your query right, but Forms Auth
works via the cookie (generally, if you using the default web.config
settings ie. cookieless=false) and the cookie is stored/named according to
your host name. So, if site A is http://SiteA and site b is http://SiteB
then the authentication will not carry across to each app.

If you do as you suggested, and make one site a sub-directory of the other
(and even a new virtual directory if you wish) then each site is accessed
using the same host name ie. http://SiteA and
http://SiteA/YourOtherDirectory and the cookie should be available to both
sites, thus you should not have to er-authenticate. 

-- 
- Paul Glavich
ASP.NET MVP
ASPInsider (www.aspinsiders.com)
"Grzegorz Kaczor" <grzegorz.kaczor@cc.com.pl> wrote in message
news:cuf6c5$o6c$1@nemesis.news.tpi.pl...
> Hello,
>
>      I have an ASP.NET application in my website in virtual folder A.
> This folder contains the application itself. I also have a data virtual
> directory B which contains data that can be seen by authenticated users.
>
>      I've implemented forms authentication (with application in folder
> A) in a standard way. I've also set up a redirection in IIS so that
> every request concerning folder B (for example GET /B/a/b/c) is
> redirected to A/GetFile.aspx (so the final request is
> A/GetFile.aspx/a/b/c). This way I can protect contents of the B folder
> with forms authentication.
>
>      Now I use the A application to find interesting documents in folder
> B. I find them and get a list of links, starting with /B... . I click on
> one of them and _I have to authenticate once again_ to get access to
> that file.
>
>      Is it possible to perform a redirect in the same authentication
> context?
>
>      Shall the problem occur if I make B be a subdirectory of A?
>
> Thanks
> Grzegorz Kaczor

Relevant Pages

  • Re: IIS 6 & forms authentication & redirect
    ... Your question really has nothing to do with IIS6 and Forms Authentication. ... sets a cookie to the browser for that given URL scope. ... URL scope, and the server-side application simply verifies that all ... I have an ASP.NET application in my website in virtual folder A. This ...
    (microsoft.public.inetserver.iis.security)
  • Roles and Forms Authentication problems
    ... I have been struggling with getting role-based security working with forms authentication. ... The first is that when I create my authentication ticket containing my roles and add the cookie, ... The login page resides in a secure folder under root. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • IIS 6 & forms authentication & redirect
    ... This folder contains the application itself. ... I've also set up a redirection in IIS so that ... every request concerning folder B is ... with forms authentication. ...
    (microsoft.public.inetserver.iis)
  • Re: IIS 6 & forms authentication & redirect
    ... > I have an ASP.NET application in my website in virtual folder A.> This folder contains the application itself. ... > I've implemented forms authentication in a standard way. ... I've also set up a redirection in IIS so that every request concerning folder B is redirected to A/GetFile.aspx. ...
    (microsoft.public.inetserver.iis)
  • IIS 6 & forms authentication & redirect
    ... folder contains the application itself. ... I've also set up a redirection in IIS so that every ... A/GetFile.aspx (so the final request is A/GetFile.aspx/a/b/c). ... I can protect contents of the B folder with forms authentication. ...
    (microsoft.public.inetserver.iis.security)