We have several intranet ASP.NET web sites. Users log on to the sites by
using form authentication and custom security (user names and passwords are
stored in the database).
If a user logs on to the first site and from within this site is redirected
to another one, we would like to pass its security information along, so the
user doesn't need to log on again.
I am thinking of making a gateway page that will have two url parameters,
user id and the url of the next page:
gateway.aspx?us erId=123&nextPa geUrl="somePage .aspx"
Is this the only way to achieve that?
Thanks,
-Stan
6  1463 
"Stan" <no****@yahoo.c om> wrote in message
news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. We have several intranet ASP.NET web sites. Users log on to the sites by
using form authentication and custom security (user names and passwords
are stored in the database).
If a user logs on to the first site and from within this site is
redirected to another one, we would like to pass its security information along, so
the user doesn't need to log on again.
I am thinking of making a gateway page that will have two url parameters,
user id and the url of the next page:
gateway.aspx?us erId=123&nextPa geUrl="somePage .aspx"
Is this the only way to achieve that?
Stan,
You can continue using Forms Authentication on all the sites. Just use the
same cookie name for all sites, and a compatible domain name. For instance,
if your sites are http://a.b.company.com, http://b.b.company.com and http://x.company.com, then you'll need to use "company.co m" as the domain
for the cookie so that it will be sent to all three sites.
If the sites are on separate machines, you'll need to have the same
<machineKey> on all sites, either in the web.config of each site, or in the
machine.config of each machine.
Of course, this also means that if you use UserData on any site, that it
will have to be compatible with all of the other sites. For instance, if one
site puts a role list into UserData, you'll want all the sites to respect
that list, or at worst, to ignore it.
A common set of classes to implement this can be developed and then used on
each site. If you make the interface easy enough, you may not experience
much resistance in getting this implemented on all sites.
Good Luck,
John Saunders
Internet Engineer jo***********@s urfcontrol.com
Why not just use a database?
"John Saunders" <jo***********@ surfcontrol.com > wrote in message
news:e0******** ******@TK2MSFTN GP09.phx.gbl... "Stan" <no****@yahoo.c om> wrote in message
news:%2******** ********@TK2MSF TNGP09.phx.gbl. .. We have several intranet ASP.NET web sites. Users log on to the sites by
using form authentication and custom security (user names and passwords are stored in the database).
If a user logs on to the first site and from within this site is
redirected to another one, we would like to pass its security information along, so
the user doesn't need to log on again.
I am thinking of making a gateway page that will have two url
parameters, user id and the url of the next page:
gateway.aspx?us erId=123&nextPa geUrl="somePage .aspx"
Is this the only way to achieve that?
Stan,
You can continue using Forms Authentication on all the sites. Just use the
same cookie name for all sites, and a compatible domain name. For
instance, if your sites are http://a.b.company.com, http://b.b.company.com and
http://x.company.com, then you'll need to use "company.co m" as the domain
for the cookie so that it will be sent to all three sites.
If the sites are on separate machines, you'll need to have the same
<machineKey> on all sites, either in the web.config of each site, or in
the machine.config of each machine.
Of course, this also means that if you use UserData on any site, that it
will have to be compatible with all of the other sites. For instance, if
one site puts a role list into UserData, you'll want all the sites to respect
that list, or at worst, to ignore it.
A common set of classes to implement this can be developed and then used
on each site. If you make the interface easy enough, you may not experience
much resistance in getting this implemented on all sites.
Good Luck,
John Saunders
Internet Engineer
jo***********@s urfcontrol.com
"Jason (MFT1)" <us****@newsgro up.pls> wrote in message
news:%2******** ********@TK2MSF TNGP12.phx.gbl. .. Why not just use a database?
Use a database and ... what?
--
John Saunders
Internet Engineer jo***********@s urfcontrol.com
Sorry I thought it was self evident....Sill y me.
Well you can save your user identity info to the database and access the
info from each web application.
Heck, it's not brain surgery man.
LOL
"John Saunders" <jo***********@ surfcontrol.com > wrote in message
news:eu******** ******@tk2msftn gp13.phx.gbl... "Jason (MFT1)" <us****@newsgro up.pls> wrote in message
news:%2******** ********@TK2MSF TNGP12.phx.gbl. .. Why not just use a database?
Use a database and ... what?
--
John Saunders
Internet Engineer
jo***********@s urfcontrol.com
"Jason (MFT1)" <us****@newsgro up.pls> wrote in message
news:%2******** ********@TK2MSF TNGP12.phx.gbl. .. Sorry I thought it was self evident....Sill y me.
Well you can save your user identity info to the database and access the
info from each web application.
I don't know if you're serious or not.
He's talking about passing the identity of a user who has logged in to one
application from one application to another. Regardless of where details are
stored, the identity has to be passed.
--
John Saunders
Internet Engineer jo***********@s urfcontrol.com
"Stan" <no****@yahoo.c om> wrote in message
news:uN******** ******@TK2MSFTN GP12.phx.gbl... John,
Doesn't a session cookie expire when a user goes to another site? I don't
want to have a permanet cookie on disk....
No. Session cookies do not expire when you go to another site. Certainly not
another site within the same domain.
--
John Saunders
Internet Engineer jo***********@s urfcontrol.com This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Jason Huang |
last post by:
Hi,
Would someone explain the following coding more detail for me? What's the
( ) for?
CurrentText = (TextBox)e.Item.Cells.Controls;
Thanks.
Jason
|
by: WT |
last post by:
Hi,
Working on MS CRM 3, I have created an aspx page using vs2005 and .NET 2.
I am faced with a problem concerning the identity of the running user.
More details:
The CRM application which creates the iFrame is on the same server as the
called aspx page.
CRM is running .NET 1.1, my page .NET 2
They run under IIS6 in différent web sites, different application pools.
|
by: Fox1977 |
last post by:
Hi folks,
Just wondering if anyone can help me out with this problem I'm having
getting a particular .net web application to run on a windows 2003 r2
x64 platform running as a domain account.
Our current setup is as follows:
We have a windows 2003 domain with 4 web servers in. Two of them are
windows 2003 sp1 and I am trying to bring two new ones online. These
|
by: pbmods |
last post by:
A somewhat obscure hack has emerged recently that is an offshoot of the now-infamous XSS.
It is known as Cross-Site Request Forgery, or XSRF for short. XSRF is a form of temporary identity theft that can cause your computer to initiate banking transactions, send emails or text messages, or even change account info on your favorite site... without your ever realizing it!
THE GOOD NEWS
Before we get started on the doom and gloom, you...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
| | |
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
