Quite a few months back, I was able to create a single sign on app for all
apps on a single box (perhaps a domain, but never tested) by setting the
auth cookie name to an identical value:
<authenticati on mode="Forms">
<forms name="SingleSig nOn" loginUrl="login .aspx">
</authentication>
I could then surf from app to app on the same box and the cookie, named the
same, would allow me to bypass the logon form. I currently have an app in
Framework 1.1, and I get the following:
Default cookie - log into each app, each time, when I bounce from app to app
Cookies with same name - same behavior
Cookies with diff name - log in once to each app, can then surf back and
forth
The actual test code is as follows:
web.config
-----------
<authenticati on mode="Forms">
<forms name="test1" loginUrl="login .aspx" timeout="30"
slidingExpirati on="true" path="/">
<credentials passwordFormat= "Clear">
<user name="Joe" password="passw ord" />
</credentials>
</forms>
</authentication>
<authorizatio n>
<allow users="Joe" /> <!-- Allow all users -->
<deny users="?"></deny>
</authorization>
Login.aspx
-----------
private void LoginButton_Cli ck(object sender, System.EventArg s e)
{
if(FormsAuthent ication.Authent icate(NameText. Text,PasswordTe xt.Text))
{
Session["ID"] = Session.Session ID;
FormsAuthentica tion.RedirectFr omLoginPage("Jo e", false);
}
else
{
BadPasswordLabe l.Text = "This is not a valid login.";
}
}
My thought is either
a) The methodology changed in Framework 1.1
b) I am missing something I had working before
At present, this is not a major issue, but it is something that is bugging
me.
--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
*************** *************** *************** *************** **********
Think Outside the Box!
*************** *************** *************** *************** **********