You don't have to set the domain in code. It can be done in the config file for both the forms auth cookie and the role manage cookie (I'm assuing that's what you were talking about for roles "not working"):
Also, when you set the domain value it should be ".domain.com" -- notice the "." at the begining. Some browsers are more strict than others and won't honor the domain setting if you're missing the "." at
the begining.
I made the above changes to both web.config files. I am able to successfully log into the "portal.example.com" the role manager is working correctly I am seeing the correct content. When I try to go to one of the other domains "test1.example.com" on the
Page_Load of "test1.example.com" I am trying to do the following:
if (User.IsInRole("admin"))
{
Response.Redirect("~/test.aspx");
}
So now that the cookie is being sent to different apps, the other apps are trying to validate the contents. This means they're doing some crypto work and that means there are encryption keys and validation keys. By default each app uses different keys. For
this to work you need to configure the
<machineKey> elements to be the same in all the apps.
mdank
Member
70 Points
12 Posts
FormsAuthentication Question
Jun 27, 2012 07:18 PM|LINK
I have a domain with several subdomains. www.test1.example.com, www.test2.example.com, www.portal.example.com etc etc..
The "admins" have the option to log in through www.portal.example.com. Based on their roles they may see different links available to them.
Afer a succesful login I create the following:
FormsAutentication.SetAuthCookie(User.Identity.Name.ToString().Trim(), false);
//get the cookie and set to appropriate domain
System.Web.HttpCookie MyCookie = System.Web.Security.FormsAuthentication.GetAuthCookie(User.Identity.Name.ToString(), false);
MyCookie.Domain = "example.com";
MyCookie.Name = "example";
Response.AppendCookie(MyCookie);
Several of the subdomains also use RoleGroups to display content. I am having trouble passing the role between subdomains.
I am able to retrieve the above cookie in any of the subdomains but I am unable to get the roles to work correctly. Any pointers would be appreciated.
BrockAllen
All-Star
27574 Points
4912 Posts
MVP
Re: FormsAuthentication Question
Jun 27, 2012 07:28 PM|LINK
You don't have to set the domain in code. It can be done in the config file for both the forms auth cookie and the role manage cookie (I'm assuing that's what you were talking about for roles "not working"):
<authentication mode="Forms">
<forms domain=".foo.com" />
</authentication>
<roleManager domain=".foo.com"></roleManager>
Also, when you set the domain value it should be ".domain.com" -- notice the "." at the begining. Some browsers are more strict than others and won't honor the domain setting if you're missing the "." at the begining.
DevelopMentor | http://www.develop.com
thinktecture | http://www.thinktecture.com/
mdank
Member
70 Points
12 Posts
Re: FormsAuthentication Question
Jun 27, 2012 08:25 PM|LINK
Thanks for the quick response!
I made the above changes to both web.config files. I am able to successfully log into the "portal.example.com" the role manager is working correctly I am seeing the correct content. When I try to go to one of the other domains "test1.example.com" on the Page_Load of "test1.example.com" I am trying to do the following:
if (User.IsInRole("admin"))
{
Response.Redirect("~/test.aspx");
}
I am not hitting the Response.Redirect.
Am I incorrect to use the Page.User here?
BrockAllen
All-Star
27574 Points
4912 Posts
MVP
Re: FormsAuthentication Question
Jun 27, 2012 09:07 PM|LINK
So now that the cookie is being sent to different apps, the other apps are trying to validate the contents. This means they're doing some crypto work and that means there are encryption keys and validation keys. By default each app uses different keys. For this to work you need to configure the <machineKey> elements to be the same in all the apps.
DevelopMentor | http://www.develop.com
thinktecture | http://www.thinktecture.com/
mdank
Member
70 Points
12 Posts
Re: FormsAuthentication Question
Jun 28, 2012 12:37 PM|LINK
Thank you! This is working like a charm in our staging environment. I may be back with more questions in a few weeks when we push to our server farm.