469,331 Members | 1,596 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,331 developers. It's quick & easy.

Shared login authentication between two domains?!

Hi all,

We have a site called http://www.mydomainxyz.com/ and our network guy
has set up load balancing with multiple IIS servers. We also have a
function that allows users to upload photos on our website. Recently
we found that doing load balancing will cause the upload function not
workable sometimes and we came up with a plan by creating a specific
domain (let's say http://upload.mydomainxyz.com/) and linking it to
our primary web server. We expect that every uploaded pictures will be
stored under the folder of our primary IIS server. But here comes my
problem -

Since all users are required to login before uploading pictures, We
found that the new domain cannot carry over the login information that
our www domain already knows. In other words, if our users log in
http://www.mydomainxyz.com/, they have to login again when they switch
to the page beginning with upload. Is there any way that these two
domain can share the same login information without requiring them to
input login information again?

The http://upload.mydomainxyz.com/ will only be used for uploading
pictures only. All other pages we will use the www domain.

Here is what I did when login to www.mydomainxyz.com -

<%
set rs=server.createobject("adodb.recordset")
sql="select ID, username, pass from registration where username='" &
request("username") & "' and password='" & request("password")& "'"
set rs = conn.execute(sql)
if not rs.eof then
'Login cookies
response.cookies("login_situation")="OK"
response.cookies("login_name")=rs("username")
response.cookies("login_userid")=rs("Id")
else
response.redirect ("../login.asp")
end if

%>

Oct 30 '07 #1
1 3631
<ta********@gmail.comwrote in message
news:11**********************@v3g2000hsg.googlegro ups.com...
Hi all,

We have a site called http://www.mydomainxyz.com/ and our network guy
has set up load balancing with multiple IIS servers. We also have a
function that allows users to upload photos on our website. Recently
we found that doing load balancing will cause the upload function not
workable sometimes and we came up with a plan by creating a specific
domain (let's say http://upload.mydomainxyz.com/) and linking it to
our primary web server. We expect that every uploaded pictures will be
stored under the folder of our primary IIS server. But here comes my
problem -

Since all users are required to login before uploading pictures, We
found that the new domain cannot carry over the login information that
our www domain already knows. In other words, if our users log in
http://www.mydomainxyz.com/, they have to login again when they switch
to the page beginning with upload. Is there any way that these two
domain can share the same login information without requiring them to
input login information again?

The http://upload.mydomainxyz.com/ will only be used for uploading
pictures only. All other pages we will use the www domain.

Here is what I did when login to www.mydomainxyz.com -

<%
set rs=server.createobject("adodb.recordset")
sql="select ID, username, pass from registration where username='" &
request("username") & "' and password='" & request("password")& "'"
set rs = conn.execute(sql)
if not rs.eof then
'Login cookies
response.cookies("login_situation")="OK"
response.cookies("login_name")=rs("username")
response.cookies("login_userid")=rs("Id")
else
response.redirect ("../login.asp")
end if

%>
Don't create multiple cookies use a single multi value cookie like this:-

Set oLogonCookie = Response.Cookies("Logon")
oLogonCookie("state") = "ok"
oLogonCookie("username") = rs("username")
oLogonCookie("userId") = rs("id")
oLogonCookie.Domain = "mydomainxyz.com"

Note the domain property above will cause the cookie to be sent with
requests for any host in the domain (i.e., both upload and www will receive
the cookie regardless of which created it).

--
Anthony Jones - MVP ASP/ASP.NET
Oct 30 '07 #2

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

1 post views Thread by Sean C. | last post: by
3 posts views Thread by masoud bayan | last post: by
3 posts views Thread by arun.hallan | last post: by
6 posts views Thread by =?Utf-8?B?UGFyYWcgR2Fpa3dhZA==?= | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by suresh191 | last post: by
1 post views Thread by haryvincent176 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.