forms authentication and simulating

Hi Dy,

From your description, you'd like to implement the FormsAuthentication
cross multi asp.net web application on separate machines in the local
intranet, yes?

Based on my understanding, the key point of the FormsAuthentication
acrossing multi web application is to shared the Authentication
cookie(token) across multi application. To resolve this , we have to make
some certain attributes under the <forms> element must be identical across
all the applications participating the webfarm authentication, they're
name, protection, path, validationKey, decryptionKey, and validation.
Here is the certain reference in MSDN:

#Forms Authentication Across Applications
http://msdn.microsoft.com/library/en...sauthenticatio
nacrossapplications.asp?frame=true

Please have a check to see whether all the settings are identical in your
two web applications. If you have any new findings, please feel free to
post here. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx

Thank you very much. Late last night I figured this out.

A significant source of my problem was that when testing on my localhost it was not working. Apparently when accessing the 2nd application on my local pc i must use http://{nodename}.{domain}.com to access the application not http://localhos
Please confirm that this is correct. Is there another work around

Is there a work around so that when debugging it will access the local pages via the http://nodename ... format instead of http://localhost ? i.e. if i right click a page and tell it to use this page for startup it will go into debug mode via http://locahost/requestedpage.aspx instead of http://nodename.domain.com/requestedpage.asp

thanks for your quick response.

Hi Dy,

Thanks for the followup. I think you're correct, since the
FormsAuthentication's Authenticaiton Token is stored in client cookie by
default and the cookie is identify by the site's Domain name and path, so
if we don't use the correct domain name to visit the web application, the
cookie will fail to be shared.
Also, as for the debug problem, I'm afraid the "http://locahost" is the
fixed setting and it is only for single web application scenario. As for
your situation, you have multi-application need to use the same domain
name, I think you can manually visit the web application in IE browser and
use the Debug->processes to attach the aspnet_wp workerprocess to debug.
How do you think of this?

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx

" I think you can manually visit the web application in IE browser and
use the Debug->processes to attach the aspnet_wp workerprocess to
debug.
How do you think of this? "

This seems like it is a work around but will make debugging very
painful as for each time you run you need to click 4 buttons to enter
debug mode. Are there any other alternatives? We are using this
forms auth. ticket for all our intranet apps so this could be quite
annoying.

Any ideas?
thx
dave

Hi Dave,

After some further research, I think we can use F5 to debug the web project
via a specified url rather than the localhost. In fact, in VS.NET we can
set the web project's debug mode. Open the project's property Pages
select "Configuration Properties" -> "Debugging" and under the
"StartAction" node, we can set the
"Debug Mode" property, by default it is project and the application's url
will be fixed with Http://locahost/app

However, we can change the mode to "Url" ,and then set the "StartUrl"
property as the page url we want to start with.
After that, when we push F5 to start debuging , the vs.net will launch the
IE window with the certain url setting above.

#Since we use this means to debug a local web application with a alias name
url, if we specify a remote application's url, we have to make sure the
current user account(should be a Domain Account in the local intranet) is
in the remote server's DebugUsers group

Here are some further reference will mention the security setting or
VS.NET remote debugging settings steps:

#Introduction to Web Application Debugging
http://msdn.microsoft.com/library/en...uctionToWebApp
licationDebugging.asp?frame=true

#HOW TO: Set Up and Use Remote Debugging in Microsoft Visual Studio .NET
http://support.microsoft.com/?id=318041

Hope also helps. Thanks.
Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx

"dave" <dy@onlinelg.com> wrote in message
news:A7**********************************@microsof t.com...

Thank you very much. Late last night I figured this out.

A significant source of my problem was that when testing on my localhost it was not working. Apparently when accessing the 2nd application on my
local pc i must use http://{nodename}.{domain}.com to access the application
not http://localhost Please confirm that this is correct. Is there another work around?

Dave, you should be able to access both applications using http://localhost.
Simply use "" as your cookie domain.
--
John Saunders
jo**************@hotmail.com

Hi Dave,

Have you had a chance to check out the suggestions in my last reply or have
you got any further ideas on this issue? If you have anything unclear or if
there're anything else we can help, please feel free to post here. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx